Can You Keep A Secret?

A typical laptop computer is a disaster waiting to happen. There is a quick, cheap, simple, totally effective way to fix the problem -- preferably, before it fixes you.A few ugly numbers tell the story: According to one major study, about 40 percent of all computer data-breach incidents during 2006 were due to lost and stolen laptops. Those incidents alone involved more than 30 million personal business, medical, government, and other individual records.

Just six percent of these laptops employed any sort of data protection. The rest contributed directly to a mess that will cost a fortune to clean up -- and would have cost almost nothing to prevent.

Of course, wayward laptops are just part of the problem: No matter where you store sensitive data, it can still fall into the wrong hands. Encryption software is the best way -- and, in fact, the only way -- to protect your data, no matter where it ends up or how it gets there.

Data-encryption software has a reputation for being complicated and hard to use. One of the best encryption tools available, TrueCrypt, is neither of these things. TrueCrypt is also completely free to use and distributed under an open-source license.

Over the past couple of years, TrueCrypt has evolved at a very impressive pace. The Windows version now supports both encrypted files and encrypted disks/partitions, including Windows system partitions. You can also mount encrypted RAID volumes, CDs or DVDs, and portable storage devices such as USB flash drives.

TrueCrypt can encrypt volumes as big as 1PB (that's 1,000 terabytes), and its performance got a huge boost with the ability to take full advantage of multi-core processors. That is an important feature, since TrueCrypt is an on-the-fly encryption tool; on a system with an encrypted drive partition, for example, data is retrieved and decrypted only when you need it.

While the Windows version of TrueCrypt is still the most mature, its Linux and Mac OS support has improved a great deal since the beginning of the year. All three versions, for example, now support hidden, encrypted partitions (more on that in a moment) -- and an encrypted storage volume created on one platform will open just fine on another.

Perhaps the most talked-about TrueCrypt feature involves what its developers refer to as "plausible deniability." Although TrueCrypt can create hidden, encrypted files and storage volumes, it takes the concept a step further:

"It may happen that you are forced by somebody to decrypt the operating system or to reveal the pre-boot authentication password. There are many situations where you cannot refuse to do so (for example, due to extortion). TrueCrypt allows you to create a hidden operating system whose existence will be impossible to prove. . . Thus, you will not have to decrypt or reveal the password for the hidden operating system."

This is encryption for the truly paranoid -- or the truly persecuted, given the number of countries where the very act of keeping a secret from the authorities can be a life-threatening act of defiance. Whether or not you ever need this sort of feature, however, it shows just how committed TrueCrypt's developers are to creating an effective, rock-solid data-security tool.

Also, like so many highly regarded security applications, TrueCrypt is open-source software. This is important, since proprietary encryption tools can -- and, in some cases, probably do -- include undocumented "back door" access to their users' protected data. You may trust the government, but do you also trust every programmer who may have worked on a proprietary encryption product?

Is TrueCrypt 100 percent secure? No, and neither is any other encryption tool -- past, present, or (forseeable) future. Fortunately, you don't have to protect your business data against a legion of NSA cryptanalysts or an evil genius with an IBM mainframe sitting in his secret lair. And unless I'm wrong on either of those points, looking askance at the security a tool like TrueCrypt has to offer is just plain foolish.

Keep one more important point in mind about TrueCrypt: While it is powerful and offers a lot of flexibility for advanced users, its default setup process is quick and easy enough for any computer user.

In other words, there really are no excuses.