Have you ever transfered a bunch of files to a colleague or friend? Have you thought about that the data you sent was viewed by someone else or the data was altered before it arrived at it’s destination? Well, I’m not paranoid but some data that we send in business or our private lifes needs a bit more attention.
Sending, e.g. a forecast report to a colleague without encryption and verifying the integrity of the report (file) can lead to data leaking and/or data manipulation.
Heres a simple way to transfer your data in a more secure way using basic tools.
1. Create a folder e.g. on your Desktop
2. Copy everything that needs to be transfered into that folder
3. Create a ZIP file using a strong password and AES-256 encryption
4. Generate a checksum (e.g. md5, sha256) of the ZIP file
Linux md5sum <file> sha256sum <file>
Windows Get-FileHash <file> -Algorithm MD5 Get-FileHash <file> -Algorithm SHA256
5. Transfer file via e-mail, sftp, harddrive, usb stick, etc.
6. Verify ZIP file comparing checksum
7. Tranfer password via separate e-mail, chat, phone call
Following the above steps will ensure that the data that is send over wire or medium is encrypted and can be verified on destination site. Access is only allowed with the correct password.
Any other ideas or recommendations?