- Contact Us
- About us
- Service Catalogue
- Laws and Standards
- IT Security
- Incident Response
- Security Testing
- Knowledge Base
- Security Baselines
- Remote Access
- Securing your Computer
- Removing Malware
- System Configuration Guidelines
- Guidance on the Storage of Sensitive Data on Portable Devices and Media
- Guidance on Encryption of Email and Email Attachments
- Encrypting a USB drive using TrueCrypt (Windows users)
- Setting up Full Disk Encryption on Windows using TrueCrypt
- Using encrypted archives with 7-Zip
- Using FileVault on Mac OS X
- Encrypting a file using AES Crypt
- Encryption under Solaris
- Recovering from an intrusion
- Frequently Asked Questions
- Security Baselines
- Training and Education
- Security Working Group
Encrypting a USB drive using TrueCrypt (Windows users)
This section explains how to create an encrypted TrueCrypt volume on a USB flash drive or hard drive. It is assumed that TrueCrypt is installed and that the USB drive is already recognised by Windows and assigned a drive letter. It should also be empty. If you have files already on the USB drive that you want to encrypt, you should copy them elsewhere now, delete them from the USB drive and then copy them to back to the USB drive after this process.
- Run TrueCrypt and click on Create Volume.
2. Click Next to create a file container.
3. Click Next to create a standard TrueCrypt volume.
4. Click Select File.
5. Browse to your USB drive and provide a name for the encrypted file. If you give the file a .tc extension it will be automatically recognised by Windows as a TrueCrypt file (recommended). Click Save and then Next .
6. On the next screen you can choose which encryption algorithm and hash algorithm. All of these options offer strong encryption. Click Next to accept the default settings.
7. Choose the size of the TrueCrypt volume. Do not use all the free space on the drive, as some space will be needed later for TrueCrypt files. It is recommended to use 8MB less than the total space.
8. Choose a password for the TrueCrypt volume.
9. On the next screen, move your mouse around the window randomly before clicking Format . This provides random information to help generate the encryption keys.
10. Click Next and then Cancel to complete the process. From the main TrueCrypt windows, click Tools and then Traveller Disk Setup . This will allow you to automatically mount your TrueCrypt volume when you connect the USB drive.
11. Click Browse in the File Settings section and select the root of your USB drive in the Browse for Folder window. In the lower section, select Auto-mount TrueCrypt volume , click Browse, and select the TrueCrypt volume you just created. Choose a drive letter to mount the volume as (T: in this example). Click Create .
12. Next time you connect the USB drive, you will be prompted what to do. Click OK to mount the TrueCrypt volume. You will then be prompted for the password for this volume.
13. The window that appears shows the contents of the encrypted container. It will have been assigned the drive letter you chose in 11. Any files saved to this drive letter will be automatically encrypted.
14. Note that the USB drive now has two drive letters assigned, and these should not be confused. In the screenshot below, TrueCrypt Traveller Disk (E:) is the USB drive itself, which contains TrueCrypt files and the encrypted volume. You should not normally save files to this location. Removable Disk (T:) is the encrypted volume itself and this is where you should save your files.
15. Before physically disconnecting the USB drive, you should first go to My Computer, right-click the TrueCrypt Traveller Disk and click Dismount all TrueCrypt Volumes .
16. Then right-click the TrueCrypt Traveller Disk again and click Eject . You can now safely remove the drive without any risk of losing data.
Page last modified on 05 jul 13 14:25