I am trying to choose and implement the right encryption and backup solutions to meet my needs but I am struggling to find what I need to know in the published data sheets.
I want to protect all data on my PC that could be used for identity theft in the event that my PC or a backupdevice is stolen. However, I don’t want to risk losing all my data if there is a problem with unencrypting, so would rather not use full disk encryption if I can avoid it. Provided it is secure, I would prefer to encrypt only folders that contain sensitive data.
FULL DISK ENCRYPTION VS FOLDER-BASED ENCRYPTION
How secure is folder-based encryption? If my PC was stolen, could a thief put my hard disk into another PC and find a way to get at the password that protects the encryption key?
Assuming that folder-based encryption is secure, how do I know what to encrypt? Of course I know which of my own files contain personal data but what about system-stored data,caches, etc? Where could the system put sensitive data without my knowledge – and what might it put there?
ENCRYPTION AND ONLINE BACKUP
Suppose I decide to use McAfee Anti-Theft and Online Backup.
The documentation for Online Backup states that backed up data can also be encrypted. Does the encryption of the online backup use the same encryption key as used for the PC? If not, is the online encryption key backed up? Are there clear instructions on how to back up (and restore) encryption keys?
Assuming that encryption keys are backed up correctly, could I be confident that, if my PC was lost or stolen, I would be able to unencrypt backed up data and restore it to a replacement PC? This may seem like a daft question but a Tech Support agent implied that data could only be unencrypted using the PC that it was encrypted with (potentially disastrous, if true…).
BACKUP TO EXTERNAL DEVICES
I have over 200GB of data and a poor Internet connection. This means that it is only practical to back up my most critical data online; the rest is backed up to external hard drives. The volume of data also means that the backups to external drives must be done using backup software, so that only the changes are backed up.
As far as I know, the only backup software from McAfee is the software used for McAfee Online Backup. Is this correct, or does McAfee sell backup software that can be used for backups to external drives?
If I use backup software (McAfee if available; otherwise Samsung Drive Manager or recommended alternative) to backup to external drives,how do encrypted files appear in the backups? Are they still encrypted in the same way as the corresponding files on the PC? Or are the files presented to the backup software as unencrypted – and backed up that way?
If I need to encrypt backed up files using the encryption capability provided by the backup software, how do I back up the encryption key so that I can be confident of recovering it, even if my PC is lost or stolen? Do backup tools provide the ability to choose where their encryption key is backed up – e.g. to an online store – and do they also provide instructions on how to do it and where to put a key recovered froma backup?
My apologies for this long list of apparently simple questions, but I honestly can’t see answers in any of the documentation provided by McAfee or other encryption/backup vendors I have considered.
P.S. Please give answers in plain language; I am not technical and don’t understand techie-speak. Thanks!