Thank you Symantec for Norton360. I would like automatic backup of a folder encrypted by XP Pro.
1. Is it possible to get Nortan Backup to backup these files, yet still keep them protected?
2. If so, would it be possible to restore these files to a new XP installation, assuming worse case PC crash?
3. If neither are the case, does Norton offer it's own encryption that would enable backup and restore while maintaining protection?
Thank you for your advice
-Greg
HI Greg,
I have not tried to backup and restore encrypted files since Norton 360 performs the encryption. You may be able to add the encrypted files/folder additionally(Include Files/Folder in Manage Backups). When you backup using Norton 360, the data to be stored is encrypted using 256-bit AES encryption and the transmission is encrypted using 128-bit AES encryption.
Yogesh
You should do a little research about XP encryption to see that it suits your purpose and your able to recover those files in an emergency.
If I remember correctly, one of the weak points of the encryption is that you need the security certificate to decrypt the file, so when you backup the encrypted folders you need to backup the certificate as well. The problem is that anyone could use that certificate, think of it as a master key. Unless you export that key with the option to password protect it you have no security.
I seen many cases where people have backup up encrypted folders and never knew that they needed the key to restore them. I have also seen many problems on trying to use that key and encrypted folder on another system, you might want to test that if you have a second XP system availible.
A better solution, (in my opinion) is an encryption program that is not operating system dependant, one that can be used on any system or any operating system with a program that is readily availible.
Dave
Yogesh, thank you very much for your feedback. I didn't realize the backup encryption was so robust. It's just that I keep certain files on my PC encrypted, not for backup protection purpose.
Dave, thank you for supplying so much input. I did some research on what you said. Yes, as of right now, the files would not be restorable if I needed a new XP install. Luckily the size of these files is somewhat small and are backed up on a thumbdrive fairly regularly using a $10 program I bought called secureflash basic. But this manual backup method is painful and files are not backed up in real-time. Thank you for offering your opinion about a separate piece of software- any recommendation on which one? My issue is cost. Free alternatives might require a bunch of time to setup, test, and document and may not be reliable in the end. This leads me to wish that Symantec would add a file encryption feature to the Security section of Nortan360. That way 360 could also automatically back up encrypted data without tweaking anything.
Thanks,
Greg
I actually wanted to come right out and say that the XP file encryption sucked, but since I never actually used it on my own systems I thought I would hold off on my personal opinion. I have however spent considerable time trying to help people in the past recover encrypted data with very limited sucess unless I could somehow get the problem system to boot or have access to the old system registry and certificates and spend the time to do a temporary new installation just to try to unencrypt the data.
There really is no simple solution to encrypting data, there is no such thing as a secure password protected folder that works just like a regular folder. Although I have seen a lot of "magic folder" programs that claim to do it but they end up just using "tricks" and are not actually secure.
The simple way to encrypt stuff for storage or to archive data is to use something like WinRar or 7zip and make encrypted archives. (7-zip is freeware). If you make an archive with something like 7-zip your not dependant on a program you need to pay for, it works in any version of windows, and it can be readily downloaded.
Of course, having to unencrypt and re-encrypt folders every time you use them makes it a little too much work for everyday use.
If you want true "On the fly" encryption and decryption, the program requires (in most cases) a driver so that limits you to use them only on systems that are yours or systems that you have administrator privileges. Usually those programs create an encrypted partition or a "container file" that is encrypted but opens up as another hard drive would.
When you open up the container file, another drive appears in "My Computer" and you can copy files in and out of that drive like it's a regular hard drive and the encryption program does all the work in the background.
The best example of that is "TrueCrypt" (Also freeware). TrueCrypt is also open source so that people can inspect the code and verify it has no hidden backdoors and the encryption algorithms are correctly implemented.
I actually use a fairly expensive program just like TrueCrypt called DriveCrypt. Only because when I started using it TrueCrypt didn't exist, I keep meaning on changing everything over to TrueCrypt but keep putting it off.
The downside of using something like TrueCrypt is that the container file is a fixed size and if your using a backup program the entire container would need to be backed up each time you make changes inside it.
That might be fine if your running a local backup or even if your container file is fairly small but if your using the online backup and you need a 1GB container it would become unfeasible to reupload 1GB everytime you make a change inside the container. (Unless you had a lot of online storage and a very fast upload speed).
But if you only need a small container or if you will only back it up locally that is a great option.
The program also lets you install a portable version of the program onto a flash drive so you could copy your container file onto the drive and use it on other systems as long as you were an administrator. Even without installing programs you need to be an admin to load a driver.
One other thing that takes a little getting used to is how the container opens up as a second drive letter.
If your using it on a flash drive, the flash drive is one letter and the open container becomes a second drive letter.
My wife who isn't very computer knowledgeable might get very confused with that, I actually been looking for a very easy encryption tool she could use on her flash drive that she takes back and forth to work because she's concerned about what would happen if she looses it.
I looked at the "secureflash" program you mentioned and it's a shame they don't offer a trial.
But it looks very similar to a free program I saw called "Rohos Mini Drive".
I been wanting to try it but haven't yet. It claims to be able to give limited access to the encrypted data on systems that your not an administrator user.
I'm also not sure if Yogesh was describing 360's online backup or local and online backups. I know the online backup is highly encrypted but I'm not sure if the local backups are as secure. I have not used 360 too much but it was my understanding that anyone with physical access to the system could open the backups.
Dave