Quick bulleted list post of how I encrypt data on my external hard drive and usb thumb drive. The idea is that if I ever lose the drive, no sensitive client data would fall into the wrong hands. TrueCrypt creates a file that represents a drive. Think of it like mounting an ISO in Daemon Tools, except TrueCrypt is a writable removable storage device that encrypts and decrypts on the fly. Assuming the external hard drive mounts to G::
- Unzip TrueCrypt to G:\programs\truecrypt42a
- If you're running Vista or as a Non-Admin, install it onto your local machine once as an Admin.
- Start it up, create a volume called G:\encrypted.tc (I'll leave this as an exercise to the reader)
- Create G:\enctypted-mount.cmd
"programs\truecrypt42a\Setup Files\TrueCrypt.exe" /v encrypted.tc /lx /e /q /m rm
- Create G:\enctypted-dismount.cmd
"programs\truecrypt42a\Setup Files\TrueCrypt.exe" /dx /q
It's just a double-click to mount or unmount the encrypted volume stored in encrypted.tc as my X:
TrueCrypt can also mount a encrypt a whole volume, but I chose to only encrypt sensitive data in a file like this so that I don't waste time encrypting my music collection. Also, it allows me to keep the TrueCrypt installer right there alongside the encrypted volume so that I can plug in, mount, and go, even without an Internet connection.