We keep more and more personal information on our computer. From photos to private documents, as well as data that is saved on the computer, which can reveal a lot of private information about us, and that we do not even know is there, such as personal Internet data, passwords, etc. Therefore, it is essential to protect our computer as best as possible to prevent this information from falling into the wrong hands. Especially if we usually use a laptop and travel with it.
While accessing the data on a computer that we have at home and do not take out of there is more complicated, if we tend to travel often, and carry the computer with us, the probability that it can be stolen increases. This is why standard security measures are not enough, and it is advisable to activate other functions that allow us to secure our data as best as possible.
Surely we have our PC protected by a password, or using the Windows Hello security layer. This is good, but it is not enough. Therefore, today I am going to tell you what security measures I always have activated on my computer so that, if it is stolen, they cannot access the data.
Password in BIOS
The first of the settings that I usually activate when I have a new laptop is the BIOS password. What this password does is that, as soon as the PC is turned on, it asks us for the password to continue with the startup. In other words, if the password is not entered, the computer cannot be turned on. And all the data remains inaccessible.
It is true that it is not the most secure security measure, since this password can be removed relatively easily by removing the battery from the motherboard and letting the BIOS/UEFI reset. But that already means having to dismantle the computer, something that if what we want is to steal data quickly we will not be able to do.
BitLocker Encryption
Another security measure that you must have activated, yes or yes, is BitLocker data encryption. BitLocker is a tool that is included by default in Windows and that allows us to encrypt all the data on the hard drive so that no one can access it.
This tool allows us to ensure that the data on the hard drives is always protected and it is impossible for anyone to access it. Not even if they steal our computer, remove the hard drive and connect it to another PC. When we turn on the PC, just before Windows starts, it will ask us for the password, without which the disk cannot be decrypted, and all the information will be inaccessible.
Secure drives with VeraCrypt
I handle ultra-confidential information. And, therefore, the two previous measures help, but they are not enough. Therefore, I also have several drives encrypted with the VeraCrypt tool. This software, heir to the legacy of TrueCrypt, allows us to create virtual drives encrypted with 100% random passwords, so that, without said password (or digital certificate), and without this program, we can access the data.
Thus, this third layer of security guarantees that, if for some reason they delete the BIOS/UEFI password, and manage to break BitLocker security (something that law enforcement agencies and forces can easily do), it will be totally impossible for them to find VeraCrypt files, hidden on hard drives. And if they find them, they won’t be able to decipher them.
