Helping people with computers... one answer at a time.
There are many ways to protect data from prying eyes, but as it turns out, preventing malicious deletion is nearly impossible. I'll review what to do.
In several posts, you had recommended TrueCrypt as a form of encryption. But my issue is that, even with encryption, your sensitive data will not be safe on the computer. Any person who has tried several times to crack the TrueCrypt volume could simply delete the file on disk, as TrueCrypt saves volumes as files on the disk. Is there any method of protecting sensitive (TrueCrypted) files on the computer from deletion?
•
No.
Encrypting your data, as I'm sure you realize, protects it from being seen by people who shouldn't see it, but it does nothing at all to prevent that data from being erased.
In fact, it's nearly impossible to prevent someone with malicious intent from deleting data. Heck, it's impossible to prevent accidental deletion.
We might make it more difficult, but certainly not impossible.
•
Preventing Accidental Deletion
One approach to prevent accidental deletion is to simply mark the file as read-only:
Right-click on the file in Windows Explorer and click on Properties. Then set "Read-only" and you cannot delete the file through normal means. You also can't modify it, which limits its usefulness.
Of course, someone who logged into your account or did so as an administrator, could come along, remove the read-only attribute, and delete the file.
Limiting Access by User
Another approach is to set up multiple user accounts on the machine and restrict access to the file based on account:
Click on the security tab in the file properties dialog that we opened above.
Windows file security settings are complex, but the basic idea here is to make sure that only those user accounts or groups that you want to have the Permissions necessary to delete the file, while all others do not.
And once again, someone logged into your account, or a system administrator, can easily revert or override any permissions that you set here and delete the file.
The Big Guns
Even if there were a way to truly protect a file from deletion within Windows, or even with some additional software, there's one tool that's guaranteed to delete the file no matter what.
Anyone with physical access to the machine could very easily reformat the hard drive and erase everything on it. They could even go the extra mile and run something like DBan that would securely erase the hard drive so that data recovery techniques couldn't even find the file that you're trying to save. For that matter, they could also just physically destroy the drive.
No, there's simply no way to prevent someone with access to your machine from deleting a file.
Protecting Yourself
If you have a file that is critical and you think that someone would want to maliciously delete it for whatever reason, you need to take two specific steps:
-
Restrict access to the machine on which the data resides. Prevent individuals with malicious intent from accessing the machine, both physically and over any network. If you think about it, this is what banks and other secure data centers are all about - their data can simply not be directly accessed by any but a chosen few.
-
Backup. I hate to bring it up yet again, but this is the only way to ensure that you won't experience data loss if or when the data that you care about is deleted, accidentally or otherwise. And when you think about it, this is exactly what those secure data centers do as well. All that data that they control is also securely and regularly backed up.
If you want to keep your data from being seen by those who should not see it, encryption is one powerful solution. However, if you also need to protect yourself from data loss in any form, there's really only one answer.
Back up.
Article C4763 - March 12, 2011
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
Of course it would help to save your file to a "write-once-only" media -- such as a CD-R, which, once written to, then becomes essentially "read-only". Then as long as the disc lasts and remains intact, neither it, nor the file on it, can be overwritten or erased.
The only way to "erase" your file in such as case would be to physically destroy the media (i.e., the compact disc) itself. (Microwaving it on "high" for three seconds will do the trick splendidly, should ever you need to dispose of personal or confidential information you've stored on a CD-R; however, even this should be unnecessary, provided you've been sensible enough to encrypt the information before saving it.)
Posted by: Glenn P. at March 15, 2011 11:17 PMI use BitLocker as my encryption method, plus have my backups on a 1TB HDD that only cost $59.99 @ Newegg, in a fireproof safe, plus another in my safety deposit box at the bank. HDD's are far less than $100.
So, even with BitLocker enabled, the drive can still be erased? Glad that I learned differently.
Cat
Posted by: Charles Tilley at March 17, 2011 12:01 PMGreetings, Enjoy your news letter and have a comment on TrueCrypt. The contents of the TrueCrypt volumes are not hidden from the Windows search companion on my XP SP3 machine. Any key word or file extension will pull them up and open them even if encrypted.
18-Mar-2011
In the Preventing Accidental Deletion section you've written:
"One approach to prevent accidental deletion is to simply mark the file as read-only."
This does not protect against accidental deletion of the file at all.
Pressing [Delete] on a file that is marked as read-only will only prompt me to answer the question if I really want to move the file to the recycle bin. If I answer YES then the file will be moved to the recycle bin. Pressing [Shift][Delete] will only prompt me to answer the question if I really want to delete the file. If I answer YES then the file will be instantly deleted.
So if I'm not aware of the fact that I'm deleting a file that I really don't want to lose, then the file will be lost, even if it has been marked as read-only.
Posted by: Ron at June 5, 2011 4:04 AMI think using "My lock box" can actually be good as it lets u hide ur file so no one knows it's even there.
try it at:
http://download.cnet.com/My-Lockbox/3000-2144_4-10789387.html
27-Nov-2011
Posted by: Mak at November 26, 2011 8:53 PM