Protecting your USB keys

There is a project I’m working on, and I need to keep all my data secret, and confidential. What can I do if I’m still wanting to save my data on a removable USB-key?

Have you ever asked that question? I have been asked something along those lines more times than I can count. In reality, there are a few different options.

The first method I will cover is drive format, as it is one of the most basic changes you can do to add protection to your thumb drives. Almost every thumb drive I have ever bought has come formatted with the FAT32 file system that was introduced back with Windows95. If the thought of using a file system from an antiquated era sends a shiver down your spine, then consider yourself a rare bird. Most people don’t change a thumb drive once they bought it other than to store their files on it.
Now, on the flip-side the reason thumb drives are formatted with FAT32 is because every computer can read and write to that file system. If you change the file system, you run the chance of not being able to read or write to the drive on all computers; but that is exactly the point of this article.
The file system I use when I am protecting my drive, is a non-windows file system. That means that a windows computer will not be able to read or write to it. Since windows makes up around 90% of the computer systems in use, that means you already protected it against 90% of computers. I use ext4 as my file system because it allows for extra security settings on files and folders.

The next method of securing data on a thumb drive is partitioning the drive. By default, windows cannot read more than one partition on a thumb drive, so if you have one partition as FAT32 to read and write on any system, then a second partition setup with ext4 for your more sensitive files you only want to access on your Linux computer(or Mac, BSD, unix, etc.) you have added yet another layer of protection.

If you didn’t notice already, my goal is to show you methods that are not exclusive to each other, rather stackable to allow you to use any/all of them to protect your thumb drive as much or as little as possible.

The next drive protection method is encryption. You can encrypt data on multiple levels, you can encrypt files and folders, or the entire drive. When you encrypt a drive or file or drive, you will need a password to access the information in a method that is readable and doesn’t look like garbage. You can also use files as a key to the encryption, but I’m not going to cover specifics of that as it is out of scope for this article.

So, what tool do I use for encryption? truecrypt, its open-source, its free, and its cross platform so it will work on windows, linux, and I believe Mac also. Truecrypt will allow you to encrypt your whole drive, or create just an encrypted folder, of the two I prefer drive encryption.

The methods you choose for your thumb drive might be different depending on the use planned. one of my favorite drives is an 8GB drive. I configured it with 2 partitions, the first is a 2GB FAT32 partition, the second is an encrypted ext4 partition. The FAT32 partition I keep files as a distraction, so that if someone finds the drive it might deter them from looking deeper into its contents.

Hopefully this is at least a little helpful with providing some ideas to help you keep some of your important data secure. I’ve been meaning to write about thumb drive protection for a little while, but have not known exactly what to write.


Comments are closed.