Nowadays, the most important thing is securing your data you created. After all, that data is the only reason for having the computer and network in the first place and your first priority is applying all your protective strategies in place because application might be reinstalled, but data created by user can never be reinstall may be irreplaceable.Let’s discuss some of the ways to protect all your important user data.
The most important step in protecting is to back it up regularly. You can use the utility that is inbuilt into Windows (ntbackup.exe) to perform basic backups. You can also use a wizard mode for simplifying the process of restoring and creating backups or configure it manually and you can make an automatic schedule of backup jobs to be performed.
To keep accessing of your data from others, then you must set permissions on the data files and folders. But If you have data on network shares, you can change the settings from share permissions to control what other user accounts or guest can and cannot access the files across the network. However, these share-level permissions won’t be applied to someone, whoever is using the local computer on which the data is stored. If you are sharing your computer, then you’ll have to use file-level permissions. File-level permissions can be used for the Security tab on the properties sheet and are very much granular than share-level permissions. Then Comes the Password protector which protects your data.
Many applications allow you to set passwords on individual document which is not accessible without password that we have created. You can also set the type of encryption to be used.Unfortunately, Microsoft’s password protection is relatively easy to crack. There are programs on the market designed to recover Office passwords,
Windows 2000, Server 2003 and XP Pro, which supports Encrypting File System (EFS). There are various encryption based method to protect individual files and folders stored on NTFS-formatted partitions. Encrypting a file or folder is very easy as selecting a check box; just click the Advanced button on the General tab of its properties sheet. Also, you can’t use NTFS compression and EFS encryption at the same time.EFS uses a combination of symmetric and asymmetric encryption, for both performance as well as security. To use EFS encrypt, you must need to have an EFS certificate, EFS files can be opened by the user whose account encrypted them or by a designated recovery agent. Note that EFS is for protecting data on the disk. Moreover, If you send an EFS and someone is using a sniffer to capture the data packets, they’ll be able to read the data in the files.
There are various third-party products available that help you encrypt an entire disk. Whole disk encryption locks the entire contents of a disk drive/partition and is invisible to the user. Data automatically get encrypted when it’s burned to the hard disk and automatically decrypted before loaded into memory. Some of these programs can create invisible containers inside a partition that act like a hidden disk within a disk. Other users see only the data in the “outer” disk. Disk encryption products can also be used to encrypt flash drives, removable USB drives, etc.
As we come to public key infrastructure it is used for managing private/public key pairs and digital certificates. You can protect the data that you want to share with someone else by encrypting it with the public key of its planned recipient, which is available to anyone. The only person would be able to decrypt it is the one who have that private key that corresponds to that public key.
You can also use a steganography program to hide photos and music or even text. Steganography does not encrypt the message, so it’s often used with encryption software in conjunction. The data is first encrypted and then hidden inside another file with the use of steganography software. Some steganographic techniques require the interchange of a secret key and others use private/public key cryptography.
Your data can be also be captured by a hacker while it’s traveling over the network with sniffer software. To protect the data while in transit, make a use Internet Protocol Security (IPsec) —but both the receiving and sending systems have to support it. Windows 2000 and further operating systems have inbuilt IPsec support. Applications don’t have to be aware of IPsec because it operates at a lower level of the networking mode. To use IPsec in Windows, you have to choose the authentication method and create an IPsec policy and IP filters that it uses. IPsec settings can be changed through the properties sheet for the TCP/IP protocol, on the Options tab of Advanced TCP/IP Settings.
Data that you can send over a wireless network is even more subject to interception than the others that we sent over an Ethernet network. Hackers don’t need any physical access to the device or network; anyone with a wireless-enabled portable computer and a high gain antenna can capture your data and get into the network and access data that you have stored there if, else, the wireless access point isn’t configured securely.You should need to send or store data only on wireless networks that use encryption to keep it secure, preferably Wi-Fi Protected Access (WPA), that is stronger than the Wired Equivalent Protocol (WEP).
If you want to send data to others, and worried about its security as well as the privacy,then you can use Windows Rights Management Services (RMS) to control what the recipients are able to do with it. For example, you do have the rights so that the receiver can only read the Word document that you sent but can’t make any change to it. You can also prevent the receiver from forwarding e-mail messages that you send and also set documents or messages to expire on a certain date/time so that the receiver can no longer access them before or after that time.Users who are assigned rights also need to download a certificate from the RMS server.