Posts

How to Keep Your Private Images Private – Part 1: PCs & Macs

You’ve just downloaded your final edited boudoir images and realize that these are images that only you (and perhaps your significant other) should ever see. Today more than ever, strong security measures are essential to keep anything — including your private photos — from being seen by others, either accidentally or deliberately.

At every step in working with your images we employ the latest encryption technology to ensure that your images always remain private. But once you receive the final images, it’s up to you to keep them safe and private. Here are some recommendations based on techniques and software we use to keep your data private and secure on our side:

  • Whole Disk Encryption: Whole disk encryption is one of the best and most convenient ways to protect sensitive information. On Windows we use Bitlocker, a proprietary service of Microsoft, which encrypts the entire disk, making it impossible to read without a password. Bitlocker is not available as a stand-alone product but is bundled with Windows 10 Pro and Windows 10 Enterprise. If you have Windows 10 Home you can upgrade to Pro to get Bitlocker. We don’t use Mac computers in our shop, but modern Macs that have the Apple T2 chip integrate security into both software and hardware to provide encrypted-storage capabilities. Data on the built-in, solid-state drive (SSD) is encrypted using a hardware-accelerated AES engine built into the Apple T2 chip. This encryption is performed with 256-bit keys tied to a unique identifier within the chip.
  • Veracrypt: We rely heavily on VeraCrypt which is free open-source disk encryption software for Windows, Mac OS X. (Open source means that the source code is publicly available and therefore enjoys the scrutiny of many technical experts to be sure it is truly secure.) Veracrypt can provide whole disk encryption or can be used to set up virtual encrypted partitions on an existing unencrypted hard drive. You can also use Veracrypt to fully encrypt external hard drives, USB keys, etc., so if one gets lost, no one could read the data without a password. Veracrypt has a steeper learning curve than other encryption software but in the end is quite powerful and convenient. See: https://www.veracrypt.fr/en/Home.html
  • Encrypto: We occasionally encourage our less technically-included clients to use Encrypto which provides a very simple drag-and-drop interface to encrypt a group of files. The resulting file can then be sent securely. Encrypto also can be used to fully encrypt a USB key. (We’ve used Encrypto to send USB keys through the mail to our clients who do not need to install any software to view the contents.) See: https://macpaw.com/encrypto
  • Cloud Storage: We chose Dropbox to deliver imagery to our clients because we found it to be both the most secure choice and the most convenient. Data in Dropbox is encrypted both in place (i.e., while stored on the Dropbox servers) and in transit. Dropbox works well on mobile devices and is a secure way to view images on your mobile device. See: https://www.dropbox.com/
  • Cleaning Up Temporary Files: If you’re viewing images in your browser or other software that creates a cache, be sure to delete your browser’s cache to be sure the images aren’t temporarily stored on your hard drive. Every browser has this capability but the process varies from browser to browser. We use CCleaner which automatically cleans up all temporary browser cache files along with many other temporary files on your hard drive. We use the pro version but a free version is also available. See: https://www.ccleaner.com/
  • Fully Cleaning Your Hard Drive: If you decide to get rid of your hard drive or computer, you should first wipe the hard drive thoroughly. This is because files that are deleted are merely marked as deleted by the operating system and can often be recovered by various software tools. There are many options for software to wipe your hard drive by making several passes and replacing each bit of data with random data. Again, we use CCleaner, which includes a utility called Drive Wiper, which lets you wipe either your free space or the entire disk. You can also specify how many passes the software should make to ensure no data remains behind. Again, see: https://www.ccleaner.com/
  • Email: As you may have noticed, we never send images as attachments in email as email is inherently insecure. If you need to send images by email, you can use Encrypto and send the resulting file as an attachment or send a link to your Dropbox account. We strongly recommend using a strong password for that.
  • Passwords: There has been much written on passwords so we won’t repeat all of it here. Most important, use long, random, unguessable passwords and do not reuse the same password for multiple sites. One of the most common ways to hack a password is to use a “brute force dictionary attack” where attacking software, using a dictionary of words, uses many combinations to try to crack your password. Using random passwords instead of actual words prevents such brute force dictionary attacks. The downside is that is becomes impossible to remember your passwords. For that we strongly recommend a password manager. We use LastPass which contains a secure password vault and can generate secure passwords for you automatically. It can also sync with your mobile devices. (Since iOS 12, LastPass can automatically fill your password on both web sites and within apps on iPhones and iPads.) See: https://LastPass.com
  • Back Up Your Data: Finally, we strongly encourage you to back up your imagery after you encrypt it to be sure you have multiple – but encrypted – versions available. Also, after you encrypt your files, be sure to run a test to be absolutely sure you can recover your files. Don’t delete the original files until you’re confident that the encryption process has worked.

What about mobile devices? We’ll cover that in Part 2 of this article.