jwcolby
jwcolby at colbyconsulting.com
Fri Nov 16 15:46:01 CST 2007
I use this for my own protection. My laptop contains an encrypted file that contains my Colby Consulting stuff (books, etc). I have another encrypted drive that contains all client projects. Thus if the laptop ever does take a hike, all data is encrypted. the other nice thing about this is that you can backup all your work by copying a single encrypted file to a backup location. If that backup location ever takes a hike no data is exposed. I have a usb memory stick (just 1 gb for now) where 3/4 is an encrypted file. If I ever need to carry anything on my person, it is encrypted. The TrueCrypt program is stored on the unencrypted part and can be run from there. Thus I can stick the memory stick into a machine, run TrueCrypt, mount the drive and copy files to/from. Of course you do have to have admin rights in order to do this. I have been using this for about two years now and it just works. Just don't forget your password. I use the first character from a phrase or song, along with special characters and numbers which make it dead simple to remember when you are first learning your password. For example take two nursery rhymes: Mary Had A Little Lamb His Fleece Was White As Snow MhAlLhFwWaS (use alternating upper and lower case) Throw two numbers in front of, behind or around it 0MhAlLhFwWaS9 Now throw two special characters in front of that !0MhAlLhFwWaS9@ That all by itself is a pretty secure password. If you want more, do that twice, perhaps Jack And Jill Went Up The Hill To Fetch A Pail Of Water #8JaJwUtHtFaPoW7$ !0MhAlLhFwWaS9@#8JaJwUtHtFaPoW7$ You get the picture. Either one is a good password, the two together are pretty industrial strength, and dead easy to remember until you have it assigned to muscle memory. Pick a favorite saying, slogan, song, whatever you already have remembered and just use the first character of each word, plus numbers and special symbols. Someone (on this list IIRC) claimed they had a password cracker that would crack any password in XX seconds. I think not. My password is 21 characters long using a simple system like that and takes me about 10 seconds to type in. 10 seconds is not too much to ask for an industrial strength memorable password. http://www.lockdown.co.uk/?pg=combi&s=articles John W. Colby Colby Consulting www.ColbyConsulting.com -----Original Message----- From: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of max.wanadoo at gmail.com Sent: Friday, November 16, 2007 2:11 PM To: 'Access Developers discussion and problem solving' Subject: Re: [AccessD] Off-Site Backup Hi William: Here is such an article which bears out your client's concerns: SECURITY? STICK IT! A recent survey by Tower Software has revealed that 49% of employees store work-related files in multiple locations - posing serious security threats and exposure as well as compliance and information management issues. To read the full story follow the link below... <http://nfptechno.netxtra.net/3805.article?ref=538&cmr=1234180> I have the FE secured with user logins, etc. The BE is password protected. Both ends (now) contained within encrypted files. Backups now contain encrypted files. Totally secure from "outsiders". BUT! - once you are in the system, a (valid) user can still "do things" unless he/she is totally restricted by the various methods outlined in postings to this site. Ie. Menu systems, exporting options, printing data options, etc. At some stage there has to be employee trust. Ie, unless I am trusted (being the developer) then nothing else works. Max -----Original Message----- From: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of William Hindman Sent: Friday, November 16, 2007 6:22 PM To: Access Developers discussion and problem solving Subject: Re: [AccessD] Off-Site Backup ...whoa! ...now there is something I'd never considered ...I have a client that is very concerned about employees stealing his data ...I'll have to take another look at this. William ----- Original Message ----- From: <max.wanadoo at gmail.com> To: "'Access Developers discussion and problem solving'" <accessd at databaseadvisors.com> Sent: Friday, November 16, 2007 9:26 AM Subject: Re: [AccessD] Off-Site Backup > John Colby: > > Many thanks for the pointer to TrueCrypt. This is fantastic! I now > have all my BE Data in an encrypted file on the Server and the FE's in > an encrypted file on user's PC's. Even if they steal all the > computers they will never get access to the data without my 40 char > key to mount the volumes. > > Brilliant tip, John. Many thanks > > Max