[AccessD] Encrypting your stuff was offsite backup

William Hindman wdhindman at dejpolsystems.com
Fri Nov 16 16:57:17 CST 2007 

I use a 4gig stick with a u3 encryption program, wear it on a chain around 
my neck. I seldom take a laptop to client offices anymore because most 
everything I need is on the stick ...just plug it in, log-on, sync, and go 
to work ...I use a similar password algorithm but based on an Elvis tune 
...shows my age, it does :)

William

----- Original Message ----- 
From: "jwcolby" <jwcolby at colbyconsulting.com>
To: "'Access Developers discussion and problem solving'" 
<accessd at databaseadvisors.com>
Sent: Friday, November 16, 2007 4:46 PM
Subject: [AccessD] Encrypting your stuff was offsite backup


>I use this for my own protection.  My laptop contains an encrypted file 
>that
> contains my Colby Consulting stuff (books, etc).  I have another encrypted
> drive that contains all client projects.  Thus if the laptop ever does 
> take
> a hike, all data is encrypted.  the other nice thing about this is that 
> you
> can backup all your work by copying a single encrypted file to a backup
> location.  If that backup location ever takes a hike no data is exposed.
>
> I have a usb memory stick (just 1 gb for now) where 3/4 is an encrypted
> file.  If I ever need to carry anything on my person, it is encrypted. 
> The
> TrueCrypt program is stored on the unencrypted part and can be run from
> there.  Thus I can stick the memory stick into a machine, run TrueCrypt,
> mount the drive and copy files to/from.  Of course you do have to have 
> admin
> rights in order to do this.
>
> I have been using this for about two years now and it just works.
>
> Just don't forget your password.
>
> I use the first character from a phrase or song, along with special
> characters and numbers which make it dead simple to remember when you are
> first learning your password.  For example take two nursery rhymes:
>
> Mary Had A Little Lamb His Fleece Was White As Snow
> MhAlLhFwWaS
> (use alternating upper and lower case)
> Throw two numbers in front of, behind or around it
> 0MhAlLhFwWaS9
> Now throw two special characters in front of that
> !0MhAlLhFwWaS9@
>
> That all by itself is a pretty secure password.  If you want more, do that
> twice, perhaps
>
> Jack And Jill Went Up The Hill To Fetch A Pail Of Water
> #8JaJwUtHtFaPoW7$
>
> !0MhAlLhFwWaS9@#8JaJwUtHtFaPoW7$
>
> You get the picture.  Either one is a good password, the two together are
> pretty industrial strength, and dead easy to remember until you have it
> assigned to muscle memory.  Pick a favorite saying, slogan, song, whatever
> you already have remembered and just use the first character of each word,
> plus numbers and special symbols.
>
> Someone (on this list IIRC) claimed they had a password cracker that would
> crack any password in XX seconds.  I think not.  My password is 21
> characters long using a simple system like that and takes me about 10
> seconds to type in.  10 seconds is not too much to ask for an industrial
> strength memorable password.
>
> http://www.lockdown.co.uk/?pg=combi&s=articles
>
> John W. Colby
> Colby Consulting
> www.ColbyConsulting.com
> -----Original Message-----
> From: accessd-bounces at databaseadvisors.com
> [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of
> max.wanadoo at gmail.com
> Sent: Friday, November 16, 2007 2:11 PM
> To: 'Access Developers discussion and problem solving'
> Subject: Re: [AccessD] Off-Site Backup
>
>
> Hi William:
>
> Here is such an article which bears out your client's concerns:
>
> SECURITY? STICK IT!
> A recent survey by Tower Software has revealed that 49% of employees store
> work-related files in multiple locations - posing serious security threats
> and exposure as well as compliance and information management issues.
> To read the full story follow the link below...
> <http://nfptechno.netxtra.net/3805.article?ref=538&cmr=1234180>
>
>
> I have the FE secured with user logins, etc.  The BE is password 
> protected.
> Both ends (now) contained within encrypted files.  Backups now contain
> encrypted files.  Totally secure from "outsiders".
>
> BUT! - once you are in the system, a (valid) user can still "do things"
> unless he/she is totally restricted by the various methods outlined in
> postings to this site. Ie. Menu systems, exporting options, printing data
> options, etc.
>
> At some stage there has to be employee trust.  Ie, unless I am trusted
> (being the developer) then nothing else works.
>
> Max
>
>
>
>
> -----Original Message-----
> From: accessd-bounces at databaseadvisors.com
> [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of William Hindman
> Sent: Friday, November 16, 2007 6:22 PM
> To: Access Developers discussion and problem solving
> Subject: Re: [AccessD] Off-Site Backup
>
> ...whoa! ...now there is something I'd never considered ...I have a client
> that is very concerned about employees stealing his data ...I'll have to
> take another look at this.
>
> William
>
> ----- Original Message -----
> From: <max.wanadoo at gmail.com>
> To: "'Access Developers discussion and problem solving'"
> <accessd at databaseadvisors.com>
> Sent: Friday, November 16, 2007 9:26 AM
> Subject: Re: [AccessD] Off-Site Backup
>
>
>> John Colby:
>>
>> Many thanks for the pointer to TrueCrypt. This is fantastic!  I now
>> have all my BE Data in an encrypted file on the Server and the FE's in
>> an encrypted file on user's PC's.  Even if they steal all the
>> computers they will never get access to the data without my 40 char
>> key to mount the volumes.
>>
>> Brilliant tip, John.  Many thanks
>>
>> Max
>
> -- 
> AccessD mailing list
> AccessD at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/accessd
> Website: http://www.databaseadvisors.com

More information about the AccessD mailing list