Keep Sensitive Files Safe

How to keep your sensitive files safe after you have scanned them.

Stever Robbins
5-minute read
Episode #77


Today's topic is protecting sensitive data, physically and electronically. The quick and dirty tip is to use encryption with multiple copies of offline storage.

David writes:

I scanned some documents a few years ago and my computer was attacked by a crawler. If you’re scanning documents, it may be a good idea just to back up to CD if they contain credit card numbers. Just a thought…

Ah, David. A Zen master would point out that a butterfly flies joyously from flower to flower, with never a thought about scanned documents or backups. It just lives its life in the eternal moment. I point out that five minutes later, the butterfly was captured by a curious 8-year-old and pinned to a science fair project, living its remaining few minutes in indescribable agony. I am not a Zen Master.

David has revealed the truth! If you scan everything onto your computer, it becomes a one-stop-shop for a dastardly scoundrel to steal your identity. I was identity thefted, once. He had a great time in the Presidential Suite at Caesar’s Palace in Las Vegas, taking a first-class trip to Hawaii, buying a $2,000 suit and $400 tie, and gambling the days away. I don't even know what a $400 tie looks like. But I do know it's creepy as Heck to know someone out there is claiming to be you, has a fake ID that proves it, and you really can’t prove that you’re you. In fact, maybe I’m not me. Maybe I’m him and just think I’m me.

Sometimes, a little paranoia is good for you. As David's experience shows, keeping all your data online can be dangerous if your computer is connected to the Internet. And since you probably downloaded this podcast from the internet, you can bet this means you.

Keep Sensitive Data Offline, Read-Only, Redundant

When you scan something important with lots of juicy data, consider keeping it offline only. Copy it to a DVD or CD, delete it from your hard drive, put it in your filing cabinet, and lock it with a key. Yes, that's right. Fifty years of advancing technology and we're back to filing cabinets. The saving grace is that you can store more on DVD in a filing cabinet than you could on paper.

And then there's “bit rot.” No, not the stuff that falls off your Zombie Army during an overzealous game of Twister, but what you get when your bits wear out. Your 1s and 0s turn into 1/2s. Your computer never understood fractions either, so your data is gone and your carefully scanned documents stop working. (What actually happens is that the coating of CDs and DVDs breaks down, or the magnetic oxide on magnetic tape peels off. Or, what seemed like a file format that would be around forever has been upgraded and version 2007 of your word processor can't read your old files from version 6.) Whatever the reason, over time, those stored files become unreadable.

To combat physical bit rot, make several copies of your data on different CDs, DVDs, hard drives, etc. Along with the data, include a copy of the program you'll need to read the data. I put pretty much all my files into Adobe Acrobat format, and add a copy of Acrobat Reader to the same disk as the data. It won't help if they ever upgrade the operating system so old versions of Acrobat stop working, but it's a start.

Encrypt Encrypt Encrypt!

So you had one stack of sensitive paper. You scanned it in, duplicated it, and stored it in several places. Now it can be easily slipped into an angry teenager's pocket as he, she, or they run out in a snit after you refuse to let them go to a Stinky Boys concert. For obvious reasons, you do not want your teenagers browsing your personal files with their friends when they're in the mood for mischief.

That's why we invented encryption. (Ok, we actually invented encryption to keep Hitler from winning World War II, but still...) Encryption puts your files into code, and only someone with the secret passphrase can decode them. My favorite encryption program is freeware, available for all platforms. It's called TrueCrypt. It lets you create a magical extra disk drive, say E: for Encrypted, that's actually stored in a single file (say C:\MY-ENCRYPTED-DISC.TC) on your computer. Any file you store on your magical E: drive is encrypted and put in the MY-ENCRYPTED-DISC file. When you dismount your E drive, you can't access the encrypted files, and the MY-ENCRYPTED-DISC file is incomprehensible. You need your secret passphrase to remount it and access your E: drive again.

I create a 640MB encrypted disk. That's how big a CD is. I copy my sensitive files to the encrypted disk, dismount it, then put the MY-ENCRYPTED-DISC file onto CD. Then I test—always test—to make sure I can mount the encrypted disk from the CD, and voila, there are my files, safe and sound. I make many backup copies of my encrypted CD, and then I delete the sensitive files.
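One way to keep checking those copies for bit rot over the years is sketched below. It is an added example, not part of the original episode. It records a SHA-256 digest of the dismounted container file and later compares every backup copy against it. The manifest name container.sha256 and the cd1/cd2/cd3 locations are assumptions for illustration, and the container bytes are constructed sample data.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path, chunk_size=1 << 20):
    """Hash in chunks so a CD-sized container never has to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def write_manifest(container, manifest):
    """Record the digest of the dismounted container (ciphertext only)."""
    line = f"{sha256_file(container)}  {Path(container).name}\n"
    Path(manifest).write_text(line)

def verify_copies(manifest, copy_dirs):
    """Map each backup location to 'ok', 'corrupt', 'missing' or 'unreadable'."""
    expected, name = Path(manifest).read_text().strip().split(maxsplit=1)
    results = {}
    for d in map(Path, copy_dirs):
        try:
            actual = sha256_file(d / name)
        except FileNotFoundError:
            results[d.name] = "missing"
        except OSError:  # failing media usually shows up as a read error
            results[d.name] = "unreadable"
        else:
            results[d.name] = "ok" if actual == expected else "corrupt"
    return results

def demo():
    """Constructed data: one good copy, one with a flipped bit, one absent."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        container = root / "MY-ENCRYPTED-DISC.TC"
        blob = bytes(range(256)) * 64  # stand-in for real ciphertext
        container.write_bytes(blob)
        write_manifest(container, root / "container.sha256")
        rotted = bytearray(blob)
        rotted[100] ^= 0x01  # simulate a single rotted bit
        for label, data in (("cd1", blob), ("cd2", bytes(rotted))):
            (root / label).mkdir()
            (root / label / container.name).write_bytes(data)
        locations = [root / n for n in ("cd1", "cd2", "cd3")]
        return verify_copies(root / "container.sha256", locations)

if __name__ == "__main__":
    print(demo())
```

A matching digest only shows that the bytes on the disc are intact; it does not replace the mount test, which also confirms that the passphrase still opens the container.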

Use a Good Passphrase

If you're going to encrypt, please use a good passphrase: something long, with some numbers and punctuation. Like, “I told 19 friends I wanted to be Dorothy in The Wizard of Oz, because Green number 7 clashes with my hair color.” That is long, has upper and lower case characters, punctuation, and digits. And anyone who knows me would never guess that password, because actually, Green number 7 goes great with my hair color.

If you're storing files you want your family to have in the unlikely event that a young girl from Kansas tosses a bucket of water on you and you melt into a puddle, make sure to give a copy of your CD and your passphrase to your estate planner or lawyer. Lawyers often have a secure vault where they keep things that are to be opened only after you kick the bucket. So to speak.

The more we put our lives online, the more important it becomes to protect our most sensitive data. Encrypt it. Hide it. Store it away. And make copies on many different kinds of media, so if one wears out or breaks, another will still work. And if all that fails and you're the victim of identity theft after all, think of it as your special chance to escape the burdens of your current life and embrace a fresh start.

This is Stever Robbins. Email questions to getitdone@quickanddirtytips.com or leave voicemail at 866-WRK-LESS.

Work Less, Do More, and have a Great Life!




About the Author

Stever Robbins

Stever Robbins was the host of the podcast Get-it-Done Guy from 2007 to 2019. He is a graduate of W. Edwards Deming’s Total Quality Management training program and a Certified Master Trainer Elite of NLP. He holds an MBA from the Harvard Business School and a BS in Computer Sciences from MIT.