It's great that you're thinking about protecting your files, with all kinds of snoops out there (from big government to identity thieves). You're right, though—you don't need to protect every single file you store or send (especially the MP3s). Financial records are the obvious types of information you should protect, but there are many other kinds of files you should encrypt as well. Encrypting these files will make sure that even if someone gets through your firewall or if your laptop is stolen and your password guessed your data will still be protected.
Basically there are two kinds of sensitive data you should encrypt: personally identifiable information and confidential business information/intellectual property.
Personally Identifiable Information (PII)
Personally Identifiable Information or PII is any kind of information that can uniquely identify you, such as your social security number, driver's license number, or full name. Because thieves can easily steal your identity if they gain access to your PII, it's really important you protect all of the documents you have that contain this information. According to the National Institute of Standards and Technology (NIST), this information includes:
- Name, such as full name, maiden name, mother's maiden name, or alias
- Social security number (SSN), passport number, driver's license number, taxpayer identification number, or financial account or credit card number
- Address information, such as street address or email address
- Personal characteristics, including photographic image, especially a face image
or other identifying characteristic; fingerprints; handwriting; or other biometric data, such as retina scan, voice signature, and facial geometry
- Information about an individual that is linked or linkable to one of the above categories, such as date of birth, place of birth, race, religion, weight, activities,
geographical indicators, employment information, medical information, education information, and financial information
Expanding on the above, you should add to your encryption container:
- Bank account statements, credit card statements, tax records
- Medical records like health insurance benefits and medical payments
- Work performance reviews
- Educational records, thesis
That may sound like a lot, but when you think about it all of this data boils down to your vital information (health, education, work, finances)—easily organized into folders that you can encrypt. So in addition to your financial statements and tax folders, also encrypt your folders with basic life information (health, education, work) or however you organize them.
It may go without saying, but you should also have any security-related things already encrypted: Passwords and PINs, for example.
Encrypt Confidential Business Information/Intellectual Property
If you keep any files on your computer that are work related, you may need to encrypt those as well—especially any that contain individual customer information. (As a former tech director who worked in the field of consumer marketing, I know that protecting personal customer information is paramount.) If you work in an industry like banking or health care, you'll also be subject to regulatory standards for protecting consumer information.
Business information or "secrets"/intellectual property may need to be protected too—financial reports, legal docs, patents, product releases, research and development data, and so on. It's often said that when laptops get stolen it's not the hardware that's most valuable to thieves, it's the information on it.
Two Tests for Whether You Should Encrypt Or Not
Here are two questions you can ask about any file you're considering encrypting:
- If the file was on paper instead of in digital form, would you shred the paper before throwing it out?
- If this information was leaked or posted to the interwebs tomorrow, could there be terrible repercussions or could someone do something malicious with it?
Keep in mind, too, that you should safeguard all the media and places where these sensitive or confidential files may be found: Your backup files, for example, email PSTs, a portable drive you use for backup, your smartphone.
All of this said, you probably have much more data that's not sensitive and doesn't require cryptography. Protect the ones that do, and you can rest easy. And if you want a faster, easier solution, a full disk encryption is a good idea—especially on laptops that can get easily lost; the full disk encryption will protect all your data and ensure no one can break into your Windows computer or your Mac.
By Laura Shaw