How to use Secure Disk

How to use Secure Disk

Getting ready for Encryption
There are some steps to take before you start encrypting the disks:

It is strongly recommended to back up data before encryption. Back up the data from the disk you are going to encrypt. You can choose to copy only the most important files or all the data from the disk.

To back up all the data, use a third-party disk image creation software.

Make a backup copy on a separate disk or CD/DVD disk to guarantee data security.

If you don’t have a backup copy or not all the data is backed up, provide an uninterrupted power supply during the process of disk encryption. Otherwise uncontrolled computer shutdown may lead to damage or even loss of the data encrypted.

Basic Information
Before using Secure Disk, read the main principles of the program: First of all, Secure Disk allows you to encrypt logical disks on the computer; these are disks you will see in Windows Explorer. Data on the disk are encrypted with the key that was created before. There may be one or several keys, and their number isn’t limited. Keys are stored in the keystore. The keystore is a file on your disk. Keystore Characteristics:

You can use an existing image or audio file, or create a new file with .ks extension (a keystore file) The keystore may contain as many keys as its size allows. The larger the file, the more keys it may contain. The keystore is protected by two passwords. The only way to get access to the keystore is to enter these passwords. So, you should have a keystore and at least one key in this keystore to encrypt the disk.

Choosing an image or audio file as a keystore makes it difficult for intruders to detect the keystore and hack it. If the key store is in the image file, the image will look absolutely the same due to the new steganographic algorithms in information encryption. So, hackers can go over your disk drives with a fine-toothed comb and not find any trace of your key.

Creating a keystore and the first key
When running the program for the first time you have to create the first key and put it into the keystore. To do this use the stepwise instructions provided in the “Key Creation Wizard”. To start the “Key Creation Wizard”, click on “Create a keystore” in the bottom right-hand corner of the Login page. After that, you’ll be guided to take the 6 steps to create a keystore. Guidelines and step-by-step instructions will accompany each step. A detailed description of each step is given below: Key Name You should choose the name for the first key that will be created along with the keystore. You won’t be able to change this name later. The maximum length of the key name is limited to 16 characters.

Data Generation The key will have some internal data used by the encryption algorithm AES 256. On this page you should draw an image or choose a pre-existing image that will be randomly transformed and used as the basis for key’s internal data. It's important to point out that a second key with the same image will be absolutely different. You may prefer not to paint an image but to choose the “Generate automatically” option and then the computer will generate a random image.

Enter Passwords You should supply passwords to protect the keystore from intruders. To get access to the keys in the keystore, you should open the keystore. The only way to do it is to supply the passwords. The approximate level of password difficulty is reflected on this page — the higher the level, the more difficult it will be for intruders to use brute force in gaining passwords.

While supplying passwords, remember that:

The password may contain only Latin characters, numbers and symbols The maximum length of the password is 20 characters Passwords are case sensitive, so “My password” and “my password” are different. Keystore type At this stage you should choose the type of the file to place the keystore into. The following types are available:

Image file (BMP) Image file (JPEG) Audio file (MP3) Audio file (WAVE) Simple file (KS) For safety reasons, it’s recommended to create a keystore in a sound or image file.

Keystore file You should choose the type of file to use as a keystore. If on the previous stage you have chosen an image or sound file type for a keystore, you have must now specify the existing file to “hide” the keystore in. If a simple file has been chosen, specify the folder to put it into.

Completion The last stage, it’s not necessary to take any steps.

We don’t recommend that you use your name, birthday, telephone numbers, addresses, or city names, your Internet nickname or any other easy password. A strong password should contain no less than 10 characters, include digit numbers and symbols in upper and lower case.

Disk encryption
A key is used for disk encryption, so to start encryption you should have a keystore and at least one key in the keystore.

Take the following steps to encrypt the disk:

Open your keystore if it’s not open yet. Go to the Disks page, and from the list of disks on the page, choose the disk you want to encrypt. Press the “Encrypt” button on the control panel to the right of the disk list. Then choose one of the keys that will be used for encryption. Press the “OK” button. After you have decided to encrypt the boot disk, you’ll be asked to select the visual mode of system loader. '''The loader is a component of Secure Disk that is loaded before the Windows system boots and accepts passwords. You should enter the passwords for the keystore where the keys used for the boot disk encryption are located.'''

Loading is possible only if correct passwords are supplied.

The disk encryption process will start. The Tasks page will be available now with information about the disk encryption progress.

'''Please note! Secure Disk doesn’t maintains the encryption of dynamic and RAID disks. It may lead to full and irretrievable loss of info on them.'''

Boot Disk
Secure Disk allows you to encrypt any disk on your PC including a boot disk with Windows OS.

Encryption of the boot disk doesn’t interfere with other programs. During encryption, you may use your computer, as the encryption process will be working in the background.

While encrypting the boot disk, the Loader will be installed. It’s a component of Secure Disk that is loaded before Windows OS and accepts passwords while booting. You have to enter passwords to the keystore containing the selected key used for encryption.

If you enter the wrong passwords, the computer will reboot automatically.

There are some variants of the loader interface: Graphical Mode Text Mode Error Disk Access Colorful logotype of Secure Disk in the center of the screen and the fields for entering the 2 passwords below it Frame in the center of the screen with the 2 fields for entering passwords Text mode with a HDD Error message. When you enter passwords, they aren’t displayed

The boot disk is the disk where the OS is installed, for example, Microsoft Windows XP. If there`s one partition on your HDD (usually it`s C: partition), it`s called the boot and system disk, but more often we just say the system disk.

The system disk is the disk where the OS files are located, for example, NTLDR, NTDETECT.COM and other in Microsoft Windows XP.

'''Secure Disk allows you to encrypt both system and boot disks. If the boot and system disks are different disks, you have to encrypt the boot disk at first, and then the system one. When decrypting, you should start with the system disk and then move to the boot one.'''

Disk Access
Disk encryption is used for data access restriction. After disk encryption, you may access its data only if the keystore containing the key used for the disk encryption is open.

If you want to access the disk you should open the appropriate keystore.

If the keystore isn’t open, you won’t be able to access and modify the data.

If you need to restrict access to the encrypted disks, you may logout from the keystore.

If the boot disk has been encrypted, you must enter your passwords before loading the operating system. The disks encrypted with the same key as the boot disk will be available. You can’t restrict access to them individually.