Securing Financial Documents on Your Computer

Securing Financial Documents on Your Computer

Last week, I wrote about protecting your passwords and other sensitive financial data, like account numbers. Today I want to go a step further and talk about protecting electronic documents – tax returns, Quicken files, bank or brokerage statements, etc. – that you may be storing on your computer.

Going paperless

I’ve been gradually transitioning over to a paperless financial system. A big part of this transition has involved scanning in various financial documents for future reference. This has worked well, and has greatly reduced the stacks of paper that used to accumulate around the house.

But what about securing and backing up the resulting files? What would if my hard drive crashed? Or worse, if someone stole my computer? Clearly, I need to take additional steps to protect my data.

As far as backups go, I’m currently using an online backup service known as Backblaze. That’s been great for creating a comprehensive backup of everything on my hard drive, and serves as a good baseline of protection – but it doesn’t secure my data locally.

Note: While Evernote seems like it would be an ideal solution for storing and accessing your data, they don’t offer server-side encryption of your file attachments. There’s also not an option for encrypting your local copies once you put them in Evernote.

Securing your files

For security, I’ve recently discovered TrueCrypt, which allows you to create a password-protected, “virtual encrypted disk” where you can stash stuff that you don’t want anyone to access.

And just to round things out…

Try storing your TrueCrypt archive in your DropBox. In case you missed it the last time I mentioned it, DropBox is an online file storage and synchronization service that allows you to share an entire folder (and its contents) across multiple computers, your smartphone, etc.

By placing your TrueCrypt archive in your DropBox folder, you’re making it accessible from any computer you’ve hooked up to your account while still keeping your data secure. So, for example, my wife can immediately access an files that I put in there from her computer. Very slick.

Oh, and a quick tip… If your archives take too long to synchronize, try splitting them up into multiple, smaller archives. For example, one for taxes, one for financial statements, and so on. By doing this, there will be less data to transfer when you make a change.

Hat tip to Mike Piper for getting my wheels turning by bringing this up on Twitter, and then testing it out on his own setup.

11 Responses to “Securing Financial Documents on Your Computer”

  1. Anonymous

    The encryption issue is a thorny one. I use Google Docs and the one thing I’ve been unable to use it for was sensitive documents unless I encrypted them first before upload but then I could not get to them from my phone when I really needed them.

    I finally found a solution using a service by a company calked SMEStorage that let ne add a private key to encrypt my document on upload. Now when I access the document using their client on my iPhone it asks me for the private key.

    It should work on other storage clouds as well as it seems they support a whole heap of them.

  2. Anonymous

    @Nickel

    From what I read TrueCrypt is a more “full-featured” encryption system, and while I’m a programmer I really want my solutions to be brain-dead easy or I just won’t go through the hassle of using them. So while I was looking for “encrypting a folder in Windows” I came across Pismo and it nailed it for me.

    It may well work the same as TrueCrypt, and if so I may switch, but it was late and I just wanted something that would just be an encrypted folder (a file you mount as a folder or drive) and be done with it. That’s exactly what it does and it worked perfectly out of the box. I might look into TrueCrypt some more though…

  3. Anonymous

    “To me, $50/year is a small price to pay for convenience.”

    That is the nut. I am not willing.

    If you don’t mind paying extra for some convenience, do check out Jungle Disk (https://www.jungledisk.com/personal/). Jungle Disk is an service that uses Amazon s3 or Rackspace. The service is $2 to $3 (depending on level of service) in addition to the cost of Amazon s3 (pennies) or Rackspace. AES 256 encryption, you control the key.

  4. schmoe: As I noted in the article, one workaround for the “blob” upload problem is to break things up into multiple archives. And yes, I’ve used S3 for certain things in the past (like manually backing photo archives) but I haven’t used it more recently. Maybe I should revisit, though I do like having our backups encrypted on the fly, and I also like having versioned backups. To me, $50/year is a small price to pay for convenience.

  5. Anonymous

    I use TrueCrypt to encrypt sensitive files on my computer, but I don’t use it for online backups. TrueCrypt is one file that contains all the other files. It is basically one giant blob. If you want to add a new file, you will have to reupload the entire container. Similarly, when you want to restore one file, you will have to download the entire container.

    For online backups, I use AxCrypt and Amazon s3. Amazon s3 is a non encrypted storage site. It is about as cheap as you can get short of free. Any service that talks about low monthly costs ($2-$10) pales in comparison. I average $.05 a month. There are a bazillion free gui applications that work with amazon s3. They range from backup tools to ftp clients to some combination of the two. I use Allway Sync. I don’t claim it is the best. It was first one I found that was free and did what I wanted. It looks at my file tree on my computer and the file tree on amazon and uploads that are new or have been uploaded, and removes the files that have been deleted.

    AxCrypt is a simple encryption tool that encrypts and decrypts files. It uses standard AES 128 bit encryption. Free, simple, integrates in nicely with Windows File Explorer, no snake oil.

  6. Anonymous

    Pismo File Mount. Works great for me on Windows 7, and keeps the entire archive secure and can be mounted as a folder or even a virtual drive in two clicks + a password. I think it also works on ZIP files, ISO files, and others but I can’t confirm that right now.

    I wasn’t sure about using TrueCrypt, so I’m very happy that I found Pismo while researching alternatives.

  7. Anonymous

    Who has confirmed knowledge if these programs that do an auotmatic lookup and connection using your password info when accessing a signed up for site are safe to use on your computer…..can it be hacked and can it be password encrypted enough to keep service personal etc from getting into your sensative info?..Thanks Bob G.

  8. Anonymous

    My wife’s computer just got a virus. It’s costing $300.00 to get it fixed. It is an old computer, and I just wish we had backed up the data on an external hard drive, because with the age of the computer, its almost not worth getting it fixed. External hard drives are also a great way to secure your financial documents, or if you don’t need that much space, a thumb drive might work too.
    Pat

  9. Anonymous

    TrueCrypt: a good idea for a seemless, always on, style encryption.

    I also use 7z for creating compressed and encrypted archives, which may be better suited for this task (simple file archiving). Both 7z and Truecrypt use the AES256 encryption standard.

    REMEMBER: with any encryption technology, the encryption is only as good as your pass-phrase. Use very long passphrases containing both upper and lower case characters, numbers, and special characters: use 40 characters if you want to ensure that the universe will end before your encryption can be brute-force cracked.

Leave a Reply