Reply to post: Re: How long, I wonder

Scottish enviro bods shrug off ransomware gang's extortion attempt as 4,000 files dumped online, saying it's nothing big

Woza
Boffin

Re: How long, I wonder

Disclaimer: I work for a company active in this area.

Filesystem encryption is common these days - bitlocker on Windows, or Veracrypt, or the Linux alternatives, etc. But that's not going to help if scumbags are logged into your system because they then see the same view of the files as you do, they're inside the file system.

There are also ways to do application level encryption, which is what you're suggesting. There are tools that will plug into Word, for example, and encrypt/decrypt stuff between Word and the disk. The problem is that this needs to be implemented on a per application basis - if your favourite CAD software doesn't have a plug-in for your chosen encryption software, you're short on luck. You also need to be careful with configuration - for example, ensuring temporary backup files created by the application are also encrypted.

Depending on your paranoia level, you also need to worry about swap files, which can contain unencrypted snapshots of files resident in your application's memory.

Finally, there's a kind of middle ground where you manually encrypt / decrypt files as needed - either on a per-file basis or in a container like Veracrypt. But that is less convenient for day-to-day workflow.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021