USB keychain drives, Compact Flash and other removable flash media types are an incredibly convenient way to transfer files between computers or when on the go and working from public terminals. There also very small and easy to lose. If you transport personally identifying information on a portable drive or if you are toting company secrets in your pocket, it’s a good idea to use encryption. Of course, those aren’t the only reasons you might want to encrypt information; encrypting data on your laptop drive or the hard drive on your home PC is another solid way to help prevent against identity theft in the event of a lost or stolen computer. One of the easiest ways to encrypt a drive is to use the TrueCrypt open-source disk encryption application.
TrueCrypt provides a wizard interface to walk you through the steps of encrypting a drive. TrueCrypt supports AES-256, Blowfish (448-bit key), CAST5, Serpent (256-bit key), Triple DES and Twofish (256-bit key) encryption algorithms. It also supports algorithm cascading, which allows you to encrypt with one method and then encrypt with a second method, which slows down disk access but also makes it much harder for someone to break the encryption. An added layer of encryption provides more protection by allowing you to create a hidden encrypted volume inside another encrypted volume.
Hidden volumes come in handy when you’ve got someone asking you for a password at gunpoint or when you don’t want anyone else to know you’ve secretly got a collection of ABBA songs on your hard drive. The hidden volume may be stepping into the realm of ultra paranoid, but it’s theoretically a safer way to make sure if someone breaks the password on the encrypted drive that they don’t find the information you are trying to protect, although I’m sure Hugh Jackman’s character in Swordfish would still find a way in.
To mount a TrueCrypt drive, you do need the TrueCrypt.exe file available to decrypt a protected volume. One way around this is to leave a small portion of your drive unencrypted and store the 400k executable in the clear, so you have access to the information on the drive or carry a second drive with TrueCrypt keeping anyone who finds your drive from knowing what encryption scheme you are using. I use TrueCrypt on a 16GB thumb drive. When I haven’t mounted the drive, Windows see the flash drive as an unformatted drive partition. [Windows $0.00]