Sunday, January 10, 2016

Doctors: How to Safeguard your data

A lot of doctors, especially in developing countries like India and China, maintain patient records locally. In developed countries, a lot of practitioners still have locally installed database of their patients in their laptop. All this exposes the doctors to both, loss of data as well as security breach of their patients' data.
In addition, everyone has their own personal/ professional data located on their tablets, mobile phones and laptops and is not necessarily in sync.
A theft or a crash can make your life miserable, not to mention potential loss of revenue and even a law suit for data breach

Here are some steps to achieve two aims:
    1. Safeguard your data
    2. Make all data device independent (i.e. all your data accessible from anywhere on any computer)

Step 1: Have a cloud based sync utility like dropbox or Box or OneDrive from microsoft. You can avail free or paid packages. I have free space of 20 gb on dropbox, 50 Gb on box and 7 GB on OneDrive. These 76 GB are enuff for my critical data, actually even fotos.

Step 2: The skeptics would say that Dropbox or similar services can be hacked. I agree to the possibility and I have another level of security for them. Download FreeOTFE/ Cryptainer/Truecrypt for free. Keep it in a folder in, let us say, dropbox. Create an encrypted drive within that folder using the program and protect it with a password AND a keyfile. (A keyfile can be any file like .txt or .pdf etc which the system will use as a key to open your drive) (never keep the keyfile within the dropbox. Keep it in google drive or OneDrive or even a pendrive. In that case, your pendrive will be a physical key to open your documents. Keep a backup of this pendrive, please.)

Step 3: Now when you use the system, you can ask your encrypting program to mount this encrypted drive like drive E:/ or something. It will ask for password AND keyfile. When loaded, it works like just an additional drive in your system. Move all your documents there. You may even choose to add this as a default save location of your documents.

Step 4: Always dismount this drive when logging out.

Keyfile encrypted files are not hackable, at least not so far that I know till date. In case of theft, your data is completely retrievable from dropbox etc. And no one who gets your laptop or even hacks your dropbox can actually open your files unless you have been bright enough to store your keyfile there itself and named it "keyfile for truecrypt drive" 

P.S. TrueCrypt has been under security loophole scanner lately but alternatives exist; like BitLocker. This is due to the fact that truecrypt development was stopped sometime back. But the program is on life-support now.