What you will learn from this tip: Four specific steps you can take to secure your desktop files and folders.
Security is often a game of perception. A mysterious combination of smoke and mirrors creates the illusion of security while reality remains unprotected. With information security, the majority of security tools and utilities are designed to keep outsiders from gaining access to internal resources. The "us vs. them" mentality fits well with most perceptions, but it does not mesh with the reality that most attacks and security breaches occur from the inside.
In this tip, I cover specific steps you can take to secure your Windows desktop files and folders and prevent even internal prying eyes from viewing them.
1. Use third-party tools to secure Windows 9x files and folders
Older versions of Windows such as Windows 95, 98 or Me are inherently insecure when it comes to files and folders. To protect individual files and folders, you must install a third-party utility, such as Everstrike Software's Protect Folder 98 or WinAbility Software Corp.'s Folder Guard Classic Edition. Keep in mind that these operating systems are based on a DOS foundation, and even these third-party tools are not impenetrable.
2. Share only what is necessary
When creating shares on your computer, restrict the share to only information that is necessary. Sharing out an entire drive or partition is probably too broad. Even sharing out the My Documents folder may allow access to too much data, depending on how you use it. You may consider creating a special folder just for shared files and only sharing out that individual folder.
3. Use discretion setting permissions
Just as you need to use discretion in choosing which files and folders should be accessible, you should also limit who has access or what level of access they have. If you just grant Full Control to the Everyone group for your shared resources, it will be hard to manage or control access. Even for resources that you want to share, you should give some thought to who should have access and whether they should be able to delete or edit the files or simply be able to view them.
4. Encrypt confidential or sensitive information
Once you limit what information is shared out and further restrict access and file permissions, then your desktop data should be fairly well-protected. However, if you have confidential or particularly sensitive information, you may want to go one step further and encrypt it. In Windows 2000 or XP you can use the built-in Encrypted File System (EFS). You can also turn to third-party encryption tools such as PGP Corp.'s PGP Desktop Home 9.0.
More Information
About the author:
Tony Bradley is a consultant and writer with a focus on network security, antivirus and incident response. He is the About.com Guide for Internet/Network Security, providing a broad range of information security tips, advice, reviews and information. Tony also contributes frequently to other industry publications.
This tip orginally appeared on sister site SearchWindowsSecurity.com.
