29 Apr 2014

Encryption | Part 3: Portable Drives & Alternatives

0 Comment

Encryption | Part 3: Portable Drives & Alternatives

As previously communicated, the EOUST has set a May 1, 2014 deadline for you to encrypt all laptops, external hard drives and USB (flash) drives that contain data related to the administration of Chapter 7 bankruptcy cases.

In our previous emails, we recommended that you have a plan in place to recover your Chapter 7 CaseLink data, documents, downloaded emails as well as any other non-Chapter 7 data in the event of a disaster where you cannot access your encrypted drive. We also provided you with options on Cloud-based backup services and encryption software used by some BMS clients. In addition, we have provided a guide on how to get started with using encryption software for your laptops.

Portable drives + Encryption

Now, we are turning our focus to portable drives that contain Chapter 7 data (such as data exports for 341(a) meeting dockets). According to the Handbook, these devices (external hard drives and USB flash/thumb drives) must either be encrypted OR the Chapter 7 data housed on those devices must be encrypted.

To move data between computers, you have 3 options:

  1. Transfer files between computers without using a portable drive 
  2. Encrypt the individual files and use a non-encrypted portable drive
  3. Encrypt your portable drives (Not Recommended)

Option 1: Transfer files between computers without a Portable Drive

There are significant drawbacks to using encrypted portable drives as well as to individually encrypting each file which we will discuss later in this article.  As such, BMS recommends that you use file transfer alternatives that do not require you go through additional steps – just transfer via your office network or through the Cloud.

BEST OPTION: Move files between computers through your network

The easiest way to transfer files is to connect your computers to the network at your office. Find the file you want on one computer and copy it over to another – all over the network in your office. It’s fast, secure and simple.

> Read the BMS How-to Guide: Transfer Files Securely Over Your Network

GOOD OPTION: Move files between computers securely through Dropbox

Dropbox is a free Cloud-based file sharing service that can be used to move files between computers. Dropbox secures any data uploaded to their service using 256-bit AES encryption so it meets the requirements set forth in the Handbook. Once you set up Dropbox on each of the computers that you would store files, just drop the file into your “Dropbox” folder on one computer and, when you’re connected to the Internet, the file will be synced to the “Dropbox” folder on the other computer(s) you’ve set up.

Initial Dropbox accounts are free and provide 2GB of storage at no cost. For most BMS clients, the 2GB Dropbox capacity should be plenty to transfer your CaseLink LITE or HTML export onto a laptop for 341(a) meetings.

> Read the BMS How-to Guide: Using Dropbox to Transfer Files Securely

Option 2: Encrypt Individual Files placed on Portable drives

You can be fully compliant with the Handbook requirements by encrypting individual files stored on your portable drives. One option is to use 7-Zip, a FREE file compression software that includes the option to encrypt data stored in their .7z format.

Using 7-Zip properly before moving your data onto a portable drive will ensure that the data files are encrypted without having to encrypt your entire portable drive. When you plug your portable drive into a computer using encryption software, the drive mounts normally and all you have to do is open the files through the 7-Zip software and enter your password.

> Read the BMS How-to Guide: Using 7-Zip to Encrypt Documents 

Option 3: Encrypt Your Portable drives

BMS does not recommend that you encrypt entire portable drives (external hard drives or USB flash drives) and does not support the use of external hard drives as your primary backup protocol.

Encryption adds another layer of complexity to portable drives which can jeopardize your ability to access the data on such drives. The encryption software may not recognize your password or you may forget your password. In either scenario, no one else will be able to recover the data from an encrypted drive. Not BMS. Not a 3rd party IT professional.

Use encrypted portable drives at your own risk.

Should you choose to encrypt an portable drive in it’s entirety (rather than encrypting the individual files), you should be aware of the following:

  • Windows will not recognize your encrypted portable drive
    When you insert your portable drive, a pop-up dialog box will appear asking you if you want to Format the drive or Cancel. You must choose ‘Cancel.’ If you click ‘Format’ (even by accident) then your computer will proceed to format the portable drive and erase all the data contained on it.
  • Must mount and unmount portable drives through your encryption software
    In order to properly mount and access an encrypted portable drive, you must first launch your encryption software and then mount the drive through the software.
    When you wish to remove the portable drive, you must unmount the drive through your encryption software before unplugging the device from your computer.
    Failure to follow this process will result in damaging the data on your portable drive – causing it to become unreadable.