Life after TrueCrypt: 5 tips for better data security

truecrypt-replacementTrueCrypt is gone. The developers of the popular and free disk-encryption software suddenly announced that it was no longer secure, and advised users to migrate to another solution. What happened?

In truth, we don’t really know why TrueCrypt shut down. Some are attempting to revive it. But the fact remains — it’s time for TrueCrypt users to move on.

We’ve got simple tips to help you.

TrueCrypt’s sudden demise

Despite being nominally open source software, TrueCrypt was always a bit secretive. Unlike many free, open source projects, the main developers and maintainers were unknown to the community.

Someone, apparently one of the maintainers of TrueCrypt, shut down the project, claimed the product was not secure, and replaced it with a modified version designed only for undoing the encryption of previous versions.

Sophos security adviser Maxim Weinstein tells us that TrueCrypt’s warning should be taken seriously.

“We don’t know exactly why this was done, who exactly did it, or whether the software is, in fact, compromised or to what degree,” Max tells Sophos Blog. “As the community attempts to unravel the mystery, it’s best for users to stop using TrueCrypt and to find another solution.”

5 tips for data security

Encrypting your data and communications is vital in today’s security landscape. Our security experts offer these five key recommendations for moving beyond TrueCrypt to an alternative for data protection.

  1. Use vetted, trusted, operating system-level encryption like Microsoft BitLocker and Mac FileVault 2. TrueCrypt was not using the latest technology, so now is a great time to move to compliant encryption standards.
  2. The real issue with business use of encryption has been key management. You need good key management that enables encryption beyond just full-disk on your laptops.
  3. Data isn’t only on your disks. Users are taking it everywhere, especially the cloud. Now’s a good time to reevaluate your data protection strategy to make sure you’re protecting data everywhere.
  4. Non-Windows platforms need encryption, including OS X, Android and iOS. And don’t forget any systems still running Windows XP, you’ll need to protect them too.
  5. A thumb drive or DVD can hold sensitive records too. You need to encrypt all your storage devices as well.

The TrueCrypt alternative: SafeGuard Encryption
Only Sophos offers a single solution for all your encryption needs — for all your PCs, laptops, cloud, mobile devices, removable media, and file shares. And our software has been certified by several crypto-analysts, including the Federal Office of Information Security in Germany (the BSI), as truly secure.

You can manage all your data encryption simply, from a central console. And SafeGuard Encryption won’t slow users down.

Visit sophos.com/truecrypt to learn more. Or click here for a free trial of SafeGuard Encryption.