I often talk about computer failures of various sorts and what you should be prepared for: the crash that happens just before you save your document to disk, the failure that renders a disk completely unreadable and unrecoverable, or the computer that dies a true death, taking all of your data with it.
You know the drill. Hopefully, you’re prepared for that.
But by being prepared for that, you’re only ready for half of a somewhat-related disaster.
What happens when your computer … disappears?
Become a Patron of Ask Leo! and go ad-free!
Computers can “disappear” for many reasons, from loss while travelling to theft at home. Regular backups protect you from losing data, but you need to take additional steps to protect your data from falling into the hands of a potential thief. Full disk encryption can protect your on-disk data, and two-factor authentication can protect your online accounts. Mobile devices are particularly prone to theft and loss, and should be protected with a PIN code at a minimum.
It’s about more than travel
Typically, we think of a scenario like the traveler who loses his laptop. Perhaps he left it at the security checkpoint1. Or maybe it was stolen out of a hotel room. Or possibly something else happened. The bottom line is that it’s gone.
But that same scenario can play out elsewhere with the same result. Electronics are a popular item for theft and burglary at home and at work. Perhaps you take your portable computer to school or a local coffee house from time to time, where it can also be stolen or left behind.
Regardless of the specifics, just about any computer can disappear — the portable ones as well as desktops.
Data loss
The loss of data on the computer is perhaps the most easily dealt with.
One of the other ways your computer can “disappear” is that it can simply fail catastrophically. The device may physically still be present, but as it’s no longer functional, that doesn’t help. Everything on it is gone. No, not all failures are this disastrous and this one isn’t even likely, but it can still happen — and thus, you must be prepared.
That’s what backups are for.
And by being prepared with a recent backup, you’re also prepared for the loss of your computer by other means.
Like theft.
Replace the computer, grab your data from your backup, and life goes on.
Data theft
What most people don’t plan on is the theft of the data on their lost or stolen computer.
Be it the thief or the person they sell your hardware to, eventually your computer could come into the hands of someone who might know what they’re doing: someone who might start poking around and discovering your data.2 Depending on how you use your computer and what you have stored on it, that could be a big deal.
This is where encryption comes in. If you have sensitive personal data on your computer, and especially if it’s on a portable computer of some sort, consider using an encryption tool such as VeraCrypt.
VeraCrypt can be used to either:
- Create virtual encrypted drives — files that are “mounted” to appear as additional drives after you specify the proper passphrase.
- Perform whole-disk encryption, requiring you to specify the proper passphrase as part of the boot process to unlock the entire contents of the hard drive.
I recommend that you not rely on password protection in applications such as Word or Excel, or tools such as WinZip. While they have improved in recent years, I believe they remain useful only to keep honest people honest. If an intruder is determined, such tools are often easily cracked.
Whether you encrypt your entire drive (which has the benefit of encrypting the paging file, temporary files, and everything else) or just a large volume depends on a combination of your degree of paranoia, how you use your computer, and how important the stored data is. Security-conscious businesses and government agencies rely on whole-drive encryption.
Account theft
Depending on how you have your computer configured and how you use it, it’s possible to extract passwords (those “remembered” for you by your browser) or other private information. If your computer is stolen while it’s on (or in standby or hibernation), you may have been signed in to various online accounts. The thief could change your password and steal your account without even needing the password.
This is where two-factor authentication comes into play.
If you have two-factor authentication properly enabled and configured, a thief can’t log in to your account even if he has the password. That’s why I have it enabled on all my accounts that support it.
Two-factor authentication is becoming increasingly popular as more account hacks happen. Google is one of the earliest and most complete adopters, and other services are following suit. Check with your online service providers — email, online storage, password vaults, etc. — to see if two-factor (also called multi-factor) authentication is available.
Mobile devices
In recent years, mobile devices have exploded. It seems like everyone has at least one. Checking email, uploading photos, using social media — mobile is everywhere.
And naturally, mobile devices are being lost and stolen.
Mobile devices are a tad harder to secure. The single most important thing you can do for a mobile device you carry with you regularly is to lock it with a pin code (or in some cases, a swipe pattern). Yes, you’ll need to tap out that code each time you wake up your phone, but that’s a small inconvenience compared to giving a thief quick and easy access to the treasure trove of personal data many people keep in their phones.
In addition, both Apple (via iCloud‘s Find My iPhone) and Android (through Google’s Android Device Manager) support remote wiping of lost mobile devices, if set up beforehand. There are also several apps that instruct a mobile device to wipe or self-destruct on receipt of a specially-formatted text message.
Theft & loss
The risks of losing a computer or mobile device are easy to overlook. Inconvenience and data loss are the first things that come to mind, but understanding that your data could end up in the hands of a complete stranger is well worth considering.
And well worth preparing for.
Do this
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!
Podcast audio
Audio
This is actually an expanded update to a podcast I recorded back in 2005.
Footnotes & References
1: Something like 12,000 laptops are lost each week at airports. I have an exceptionally difficult time understanding how that can be. When I travel, my laptop is my life! 🙂
2: Fortunately, my understanding is that this actually isn’t all that common. But the fact is that it can and does happen.
Great article! Thanks to previous articles, I keep all of my data files in TrueCrypt, I have NO duplicate passwords, I use the maximum password allowed for each website, and I use KeePass 2 to keep track of those passwords. I have the passwords backed up in an Excel file in case something goes wrong with KeePass. Both the Excel file and the KeePass data file are within TrueCrypt. Fimally, I am using EaseUS Todo backup to backup my entire hard drive (System Backup) because of its ability to restore to dissimilar hardware. I do a system backup several times a month and data file backups every night. I have a local backup hard drive and a copy of that which I keep at my son’s house. If I am missing something, please let me know.
Bob
Hi Leo,
Just a quick note to thank you for your invaluable Newsletter and to wish you a great Christmas & New Year !
Mark & Helen O’Carroll in Dubai
Thanks for this article and all the other useful info this past year. Merry Christmas Leo.
Today I realized that, despite my computer login password, Roboform logins, several backups to two external drives and Mozy online, and printouts of critical info – that if, God forbid, all of the hardware, etc., that I have at home were to go up in smoke, I would still not be able to access my online backup because I had not memorized my login info and the procedure: I had been depending on my Robo password manager to log on to my Mozy account. So today I created a new weekly task in my Outlook Tasks to remind me to access and restore some important file from Mozy online strictly from memory – how to find Mozy online, my login info and the procedure for download. Perhaps you need to do the same.
Best Wishes, Norm
The take-away point here is that in addition to following all the recommended practices, you need to work out / write down a recovery plan that addresses different failure scenarios (theft, fire, hurricane/ flooding, civil unrest, internet or service provider failure, equipment failure) and contexts (at home, while traveling)…
Hi Leo,
Now that you’re using Windows 8- can Truecrypt be used with Windows 8/8.1? The documentation I’ve seen doesn’t mention it, and “future” mentions providing full support for Windows 8. Safe to use the current version?
Thanks!
I use TrueCrypt daily on both 8 and 8.1. Whole-disk encryption of the system drive might be affected, but standard volumes work just great.
I know Leo prefers that the external drive remains connected to the computer so that automated backups can occur, but I’ve always been concerned that if someone did break in a steal my computer that they would also steal the hard drive … and there would go my data backups. Then what would I do?
Instead I store the hard drive in a not so obvious spot nearby, and just get in the habit of pulling it out and doing a backup.
That’s another reason why Leo suggests more than one backup method. In your case, a cloud or online solution would complement your external hard drive solution so that in an extreme case like you mentioned with theft or loss of both system and backup, you’d still have an offsite data copy to begin the restoration process with. Cloud backup is not a good first choice due to the extreme speed difference between a local USB-3 external drive and the bandwidth of your internet provider. It has taken “days” to download and restore cloud backup data; which is why some cloud backup solutions include an overnight-ed copy of your data on hard drives, DVD or flash drives. It’s simply faster to wait the day or two for the mail to arrive, then to try to download the whole thing. Local hard drives can be used to restore data in a hour or less in most cases.
First, I’ve leaned lots from your newsletter, Thanks for dedicating your time and effort!
Second, this particular info was/is one of the most valuable newsletters to me, just wanted ta let ya know that you are appreciated, there will be a little sumthin’ coming for ya as soon as I figger out how to do it again… Happy Holidays, Mac…
Hello Leo:
Just a few words to say that I have only recently learned of your website, and must say that I am
very much impressed with it. I know that I will gain a good deal of help from it. Thank you, &
wishing you a Happy New Year — DWI
Is this an older article? I notice you are recommending TrueCrypt. As I understand it TrueCrypt is no longer supported. I have switched to VeraCrypt. It looks and feels much like TrueCrypt and will convert TrueCrypt volumes to VeraCrypt.
Thanks for the heads up. We’ve changed our recommendation to VeraCrypt, but we may have missed updating a few articles. If you had clicked on the TrueCrypt link, it would have taken you to the article where Leo recommended switching to VeraCrypt.
https://askleo.com/is-truecrypt-dead/
“The single most important thing you can do for a mobile device you carry with you regularly is to lock it with a pin code (or in some cases, a swipe pattern). ” Yes, and one thing to watch out for is the Micro SD Card if you have one. The data on that can easily be accessed by anyone if the card is removed. I have a third-party encryption app installed for that. I don’t remember the name now but when I access my device, I’ll mention it.
Think ‘computer system.’ Besides keeping computer backup images off-site, I keep a copy of my NAS box off-site also since it holds data no longer on our PCs. Thieves may grab that also, but a fire will destroy everything. Don’t know if drives inside printers/scanners are still targeted, but I refrain from scanning or printing docs with personal information.
Good article. Looking at all your recommendations, the one that I need to implement is disk encryption.
My Surface Pro 4 has Windows Professional which comes with Bitlocker installed.
My HP Envy has Windows Home & no encryption installed.
Any thoughts on VeraCrypt (free) vs. Bitlocker (requires purchase)?
Veracrypt is great for whole-disk encryption or protection of a folder of files you want to keep safe on your computer. The downside is that if you have the Veracrypt container in a folder you are syncing to the cloud, such as with OneDrive, GoogleDrive, or Dropbox, it will have to upload and download the whole container file with each change and if you use whole-disk encryption, the files will be unencrypted on the cloud (same issue with BitLocker). That’s where BoxCryptor comes in, it uploads the encrypted files, file by file so that when one file is changed, only that file is uploaded, and when you need it on another machine, you only download that file. If you use whole-disk encryption, you should use Bitlocker, in addition, to protect the files on cloud servers. Boxcryptor also has a free version.
As for BitLocker vs. Veracrypt, if you have Windows Pro or Enterprise, you may as well use it for full disk encryption, if not then use VeraCrypt.
To be clear here, VeraCrypt does two different types of encryption:
BoxCryptor is a great solution when using whole-disk encryption, or when not encrypting your disk at all.
VeraCrypt is good and I’d have no hesitations using it. I would not upgrade to Win 10 Pro for just bitlocker, but it does have a couple of other things (group policy manager, remote access) that might make it worth it to some. I do recommend Pro when getting a new machine.
About traveling: An easier and safer option is to have a travel-only device. Even for work, take an inexpensive computer with a minimum of personal or work files that you might need on a trip. In case you need something else, you can ask someone to send it to you or get it from a cloud storage. The netbook I carry for travel is small, light, cheap, and doesn’t have much on it I’d regret losing. The few files I take are not critical, but encrypted anyway. To say it another way, why would you carry a machine that has all your life (or work) records on it? To state it more formally, if you expose your data to risk, then you assume the liability and must address mitigating each risk. On travel, there may be other problems besides losing you computer. You can connect to a public WiFi and get hacked, or your laptop may be confiscated at a border (and be forced to decrypt), or you may damage it. The hassle isn’t worth it. One more thing: If you have to bring back some files, such as pictures, carry them on a flash drive (or two), not on the computer.