Saturday, August 4, 2012

Security, compatiblity and backup


Users of AxCrypt are obviously concerned about the security of their files. Howerver, there is some confusion about just what security means.

Encryption means security from others reading the data. In the case of AxCrypt, it also means that undetected modification of the data is not possible.

Encryption does not mean security from data loss for any number of reasons, such as accidental deletion, ransom attacks by hackers where AxCrypt even has been know to be used by the black hats, or hard disk crashes.

In fact, encryption adds another level of processing to the files, actually increasing (albeit very slightly, but still) the risk of something going wrong. If you think about it - the more you do, the higher the risk of a snafu. That doesn't mean AxCrypt is dangerous, it just means what it means - the more operations you perform the higher the risk is, as counted in number of failures per million for example.

In this day of rapid development on all fronts, there's always the question of data compatibility across computers and program versions.

All AxCrypt-versions from 1.0 to the current 1.7 in both x86 and x64 bit versions are compatible with each other, so no worries there. AxCrypt will always be upwards compatible, so version 2.0 may in fact in the future produce encrypted files 1.7 can't read - but version 2.0 will always be able to decrypt anyting an older version has produced. But, at this time, all versions are in fact compatible.

Also, AxCrypt-encrypted files are not tied to any particular installation in any particular computer, and uninstalling AxCrypt won't decrypt any files any more than uninstalling Word converts your documents to Notepad text files. If you have the file, and know the password, you can always decrypt it in any computer where you can get one of the various versions of AxCrypt running.

Now to the most important message about security, in the meaning keeping your data safe not only from prying eyes - but from any number of catastrohpes.

Your most important and powerful protection against data loss is spelled 'BACKUP'.

Please ensure that you have backups of all your data, encrypted or otherwise, and that you keep a reasonably recent version of the copy off-site, and that you periodically do check that you in fact can read the backup and that the expected data is really on the backup media.

Personally I backup to two USB-drives that I swap once every few weeks, always keeping at least one drive off-site. It's cheap, it's effective and it's very safe since all the data on the backup is encrypted.