If you work in environments frequented by many people, you should not run the risk of personal data and sensitive information falling into the wrong hands. Consider, for example, the files and folders stored on a removable hard disk that gets lost or stolen.
The new General Data Protection Regulation requires companies to adopt a series of security measures. Those should be applied for the encryption of data stored on notebooks, external hard drives and other media.
But how is it possible to protect the files and folders stored on hard disks, external HDD or removable drives? How can you make sure that the data stored on these devices can only be accessed by the legitimate owner? How to reassure users that any third party will not access the data?
In today’s article, we will talk about VeraCrypt and Bitlocker. These are two of the best tools that you can use to encryption SSDs.
How to protect your hard disk with VeraCrypt and Bitlocker
VeraCrypt is a free opensource software considered as the direct successor of the TrueCrypt historian.
Like the Phoenix, VeraCrypt resurrects TrueCrypt from its ashes after its development was abruptly interrupted.
VeraCrypt is a fork of TrueCrypt, which is a project derived from the source code of the original application. Compared to TrueCrypt, VeraCrypt uses some improvements that allow you to trust on an even higher level of protection.
Specifically, VeraCrypt’s authors claim to encrypt system partitions using the PBKDF2-RIPEMD160 algorithm together with 327.661 iterations, when TrueCrypt executed 1,000. To create encrypted volumes (see below) and to encrypt normal partitions, VeraCrypt uses RIPEMD160 with 655,331 iterations (instead of 2,000 in the case of TrueCrypt) and 500,000 in the case of the SHA-2 and Whirlpool algorithms.
How VeraCrypt works and how it protects your SSD and individual folders
The MO of VeraCrypt follows exactly that of the well-known TrueCrypt. The interface is virtually identical.
VeraCrypt allows you to create encrypted containers (“volumes”) within which you can save personal files and sensitive data. You can create the encrypted volumes on a local hard disk or on any removable hard disk or USB stick. You will only need to take care to “mount” the container after connecting the outdoor unit and “disassembling” it before removing it.
So, the application allows you to protect the contents of the hard disk and removable drives by fully encrypting it.
How to encrypt a hard disk with VeraCrypt
To encrypt a hard disk or removable drive (USB sticks, external disks), follow these simple steps:
You can choose the Extract option if you do not intend to protect the system partition or the system disk. Remember that the system partition is the one hosting the operating system.
By choosing Extract you can still create encrypted containers and protect non-system partitions. In this case, you can save the files necessary for the VeraCrypt operation in a folder of your choice. You will, then, use the program as “portable” software.
In case you decide to install VeraCrypt on your system, the application creates – by default – a recovery point.
2. Connect the removable drive or the hard disk to be protected.
3. Start VeraCrypt.
In this way, you can protect the content of an external hard disk, a removable drive or any partition that does not host the operating system.
6. The next screen allows you to choose between creating a VeraCrypt Standard volume and a hidden VeraCrypt volume.
For example, after you have encrypted the removable drive, nothing will happen when you connect it to your computer. To access the content of the storage unit, you will need to start VeraCrypt and “mount” it, using the interface.
Before creating the encrypted volume in the chosen unit, it is a good idea to create a backup copy of the unit contents. At least, do that for the first few times you use VeraCrypt.
You can mount or unmount then the encrypted volumes. If you choose the first option, you can to access the respective content. Vice versa, you make it impossible to access by unauthorized persons.
You should choose an encryption algorithm for data and a keyword (passphrase) that you will take care to keep jealously. Why so? To create a “container” encrypted volume (Create an encrypted file container option) or to protect a removable drive or an external hard drive.
Protect the system partition with VeraCrypt
You can use the encrypt of the system partition or the entire system drive option, only by installing VeraCrypt. It protects the contents of the hard disk where the operating system is installed by encrypting all the files and folders.
By encrypting the system partition or the entire hard disk where the operating system is installed, the content of the hard disk will not be readable by third parties that do not have the personal password.
This protection procedure allows you to protect yourself from any risk if, for example, the notebook falls into unauthorized hands.
VeraCrypt will encrypt automatically and completely all files, including temporary files, files used to manage the hibernation procedure (automatically turn on and off the computer), swap files and so on.
Using encryption on the system partition or disk involves activating a pre-boot authentication mechanism.
Before loading the operating system, VeraCrypt asks to specify the passphrase or the personal keyword chosen when encrypting the unit.
Before proceeding, we suggest – as a precaution – to create a complete image of the hard disk. This can be done by using a free software such as AOMEI Backupper (System backup with AOMEI Backupper Standard 2.0).
We also recommend AOMEI Backupper Pro as it has more features and a better engine. In case you do not want to buy a license, you can download its free trial from the link below. If you need to backup your system often, you can buy a license.
You should store the image on a removable support or on another system. In this way, you can easily restore everything in case of problems.
Next, you can click the Create Volume button. Then, select the Encrypt the system partition or entire system drive and Normal options.
The following screen allows you to choose whether to encrypt only the partition containing the operating system or the entire hard disk.
The next steps allow you to determine whether you want to encrypt the area, if any, located at the end of the hard disk, used by RAID systems, tools for system recovery, for troubleshooting, for diagnostics and so on.
Finally, VeraCrypt will oblige you to create an emergency disk (Rescue Disk). You can use this disk to restore the startup of the operating system if you forget the passphrase or in case of malfunctions.
- Editor’s Note: If you’re interested in other data encryption software, check out our wide collection of guides.
Use Bitlocker to protect your SSD
In the Ultimate and Enterprise editions of Windows Vista and Windows 7, in the Pro and Enterprise editions of Windows 8 and Windows 8.1, on Windows Server 2008 and later server systems, the operating system offers you the possibility to encrypt and protect your hard disk using Bitlocker.
To enable Bitlocker on the system partition, right-click it from the Windows interface and then choose the Enable Bitlocker command.
You should know that Windows Vista and Windows 7 do not allow Bitlocker to start without the Trusted Platform Module (TPM) chip.
During the configuration phase of the Bitlocker feature, Windows will ask you if you want to unlock the system by connecting a USB stick or typing a password.
The following steps are quite clear. They allow to request encryption of the data actually written on the disk or even the encryption of free space.
This article highlights 2 of the best SSD encryption software solutions available available on the market. Let us know which one you installed an why.
RELATED GUIDES YOU NEED TO CHECK OUT:
- These solutions fix your slow SSD issues on Windows 10
- What to do if you can’t install Windows 10 on SSD
- 9 best SSD management software for your Windows 10 PC
Editor’s Note: This post was originally published in January 2019 and has been since updated for freshness, and accuracy.