File Share Encryption


PGP WDE HIPAA Compliant?


  • 1.  PGP WDE HIPAA Compliant?

    Posted May 11, 2012 01:12 PM

    Is PGP WDE HIPAA Compliant for Protected Healthcare Information (PHI)?

    Is a virtual disk as compliant and secure as whole disk encryption?

    Can I do both whole disk encryption to protect all contents on my computer and virtual disk to protect my PHI while the computer is up and running?

    Can I back up WDE and/or virtual disk encrypted folders to Carbonite online back up services and then restore it?

    If my computer crashes or is stolen and I am encrypted and backed up with Carbonite, can I then restore the data to a new computer?

    Thanks

     



  • 2.  RE: PGP WDE HIPAA Compliant?

    Posted May 11, 2012 01:47 PM

    Regarding Carbonite, you might find this topic of interest: https://www-secure.symantec.com/connect/forums/pgp-wininit-event-id-11-error-windows-7-x64  I can't offer anything more on Carbonite.

    PGP does meet HIPAA requirements for PHI.

    As you seem to already have a feel for, WDE only protects the disk when the machine is not booted.  If you want data secure once the machine is booted, you can use Virtual Disks as you are thinking.



  • 3.  RE: PGP WDE HIPAA Compliant?

    Posted May 11, 2012 02:07 PM

    Thank you Tom for the quick reply and answers. Very helpful.

    I clicked the link in your reply, and got an error page, not found. Am I missing something?



  • 4.  RE: PGP WDE HIPAA Compliant?

    Posted May 11, 2012 03:09 PM

    I apparently messed up the link.  Hopefully, this will work better.



  • 5.  RE: PGP WDE HIPAA Compliant?

    Posted May 11, 2012 09:31 PM

    Thank you.

    It is a bummer PGP is not compat with Carbonite. I note this forum was from 9/2011, and some info was from 2010. Any fixes yet? 

    Other suggestions for back up storage?



  • 6.  RE: PGP WDE HIPAA Compliant?

    Posted May 11, 2012 11:23 PM

    Please consider this forum thread.



  • 7.  RE: PGP WDE HIPAA Compliant?

    Posted May 15, 2012 02:18 PM

    Thank you Tom for the help. I think after reading the thread, I am in way over my head. I cannot get PGP to make a virtual disk to be encrypted (well I can create a disk and mount and dismount, but the install file stays on my folder, and anyone can open it without a password, and I can open PGP desktop and mount and dismount without entering a passphrase, so I am doing something wrong). But even if I can get PGP to work (I have not for the last year) the back up process looks too complicated for a digital immigrant like me. So I think I will have to hire an IT guy. I am wasting too much time on this. Thanks again for the quick timely responses. I wish Symantec had something a little more user friendly for encryption and automatic back up for the small healthcare professional like me. There is a whole market out there.



  • 8.  RE: PGP WDE HIPAA Compliant?

    Posted May 15, 2012 02:42 PM

    When you create a Virtual Disk, it is automatically encrypted - there is no extra step involved.  If you are able to mount the virtual disk without entering a passphrase, it means that you have encrypted it to a public key, and you have cached the key's passphrase.  If you unmount the virtual disk, and use the Clear Caches option on PGPtray, you should not be able to mount the virtual disk again without first entering the passphrase.  The easiest way to back up a virtual disk is just to copy the pgd file that contains it to a good backup location.



  • 9.  RE: PGP WDE HIPAA Compliant?

    Posted May 16, 2012 12:09 AM

    Well I finally got it to work. At least I think so.  I have PGP WDE 10.1.0

    My key was private, at least that is what it popped up as when I click PGP KEYS, then select Private Keys. So after I mount the disk, to keep it inaccessible I have to unmount it, AND clear passphrase caches. Is that right?

    So while my computer is on it is encrypted, but accessible to others unless I do the above? But when I shut down the computer and restart it, it is not accessible via PGP desktop or the PGP New Disk1.pgp on the subfile folder until a passphrase is entered. Right?

    I think I am confused about the location of the PGP New Disk1.pgp. 

    Here is how I set it up. C:users/David/My Documents/Clinical Practice/PGP New Disk1.pgp

    This placed a virtual disk on drive G:/ that I can mount or dismount. Then I copied the /Clinical Practice folder to the G:/

    Should I have located the PGP New Disk1.pgp higher up like in the document folder so it did not copy to the G:/ with the Clinical Practice folder?

    When I back it up. Do you think it will back up in this encrypted virtual disk format to a cloud server without all the technical problems noted in the documents you previously referenced in the thread, as long as I have not encrypted the whole disk?

    If not, how do I create a back up on a thumb drive? Do I copy folders on the G:/ drive to a thumb drive as is. Are they encrypted? Do I need to create a virtual disk on the thumb drive?

    Thanks.



  • 10.  RE: PGP WDE HIPAA Compliant?

    Posted May 16, 2012 08:54 AM

    My key was private, at least that is what it popped up as when I click PGP KEYS, then select Private Keys. So after I mount the disk, to keep it inaccessible I have to unmount it, AND clear passphrase caches. Is that right?

    Your key showing in Private Keys means that you have both the private and public components to your key.  Encryption is to the public portion (public key), which can then be decrypted by the private portion (private key).

    Yes, if your private key's passphrase remains cached, anyone with access to your computer can mount the virtual disk.  If you are just using that key for the virtual disk, and you don't want to bother with purging your passphrase, you can go to the General tab of PGP Options, and set the caching of your passphrase to be just for a short amount of time, such as one minute.

    So while my computer is on it is encrypted, but accessible to others unless I do the above? But when I shut down the computer and restart it, it is not accessible via PGP desktop or the PGP New Disk1.pgp on the subfile folder until a passphrase is entered. Right?

    This is correct.

    I think I am confused about the location of the PGP New Disk1.pgp. 

    Here is how I set it up. C:users/David/My Documents/Clinical Practice/PGP New Disk1.pgp

    This placed a virtual disk on drive G:/ that I can mount or dismount. Then I copied the /Clinical Practice folder to the G:/

    Should I have located the PGP New Disk1.pgp higher up like in the document folder so it did not copy to the G:/ with the Clinical Practice folder?

    You can place the virtual disk file wherever you wish.  Any folder you copy to the mounted virtual disk will be copied to the virtual disk along with any subfolders it contains.  If you want to use your virtual disk to encrypt your Clinical Practice folder, make sure the virtual disk file itself is not in that folder or one of its subfolders, and then copy or move the Clinical Practice folder to the mounted virtual disk.  Of course, if you copy the folder, it is only the copy that will be encrypted.

    When I back it up. Do you think it will back up in this encrypted virtual disk format to a cloud server without all the technical problems noted in the documents you previously referenced in the thread, as long as I have not encrypted the whole disk?

    If your virtual disk is not mounted, the virtual disk file will be included in any backup just in its encrypted state.  If it is mounted and you back up the virtual disk itself, the files will not be encrypted.

    If not, how do I create a back up on a thumb drive? Do I copy folders on the G:/ drive to a thumb drive as is. Are they encrypted? Do I need to create a virtual disk on the thumb drive?

    You can securely back up a Virtual disk by just copying this unmounted "container" file to wherever you wish.  If you want an unencrypted backup, you can mount the virtual disk file, and then copy whatever folders or files you want to whatever location you wish.

     

     



  • 11.  RE: PGP WDE HIPAA Compliant?

    Posted May 20, 2012 01:25 AM

    Another question regarding backing up to a thumb drive, you state, You can securely back up a Virtual disk by just copying this unmounted "container" file to where ever you wish. When it is not mounted the drive F: does not show up. So what/where is the container file I am copying unmounted so it is copied encrypted?

    Example: I have created the New PGP Disk2.pgd to  C:users/David/My Documents/PGP New Disk2.pgd. I can see this file under documents even when it is not mounted. Is this the container file?

    When I copy Clinical Practice which also is under documents. (I moved the PGP New Disk2.pgd file up one level to get it out of the Clinical Practice folder), do I copy it to the PGP New Disk2.pgd file under documents, or to the F:drive/ which I cannot see when it is unmounted, can when it is mounted?

    Thanks for the help. I think I am going to finally get this to work. Just need to understand a few more things.



  • 12.  RE: PGP WDE HIPAA Compliant?
    Best Answer

    Posted May 20, 2012 08:11 AM

    New Disk2.pgd is the file that contains all your data for the Virtual Disk.  This is the file to copy to a safe location to have all your data in it backed up.
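
The backup advice in posts 10 and 12, as an added example that is not part of the original thread and not Symantec code: copy the container file only while the virtual disk is unmounted, refuse if the container sits inside the folder it protects, and confirm the copy by SHA-256. The function names and demo paths are illustrative, and treating "drive letter exists" as "mounted" is an assumption.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


class BackupRefused(Exception):
    """A precondition taken from the thread's advice is not met."""


def sha256_of(path):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def backup_container(container, mount_point, protected_dir, dest_dir):
    """Copy an unmounted .pgd container to dest_dir and return its SHA-256."""
    container = Path(container).resolve()
    protected_dir = Path(protected_dir).resolve()
    if not container.is_file():
        raise BackupRefused(f"container not found: {container}")
    # Assumption: the drive letter (e.g. F:\) exists only while the disk is mounted.
    if Path(mount_point).exists():
        raise BackupRefused(f"{mount_point} is mounted; unmount before copying")
    # Post 10: the container must not live in the folder it is meant to hold.
    if protected_dir in container.parents:
        raise BackupRefused("container sits inside the folder it protects")
    dest_dir = Path(dest_dir)
    dest_dir.mkdir(parents=True, exist_ok=True)
    copy = Path(shutil.copy2(container, dest_dir / container.name))
    digest = sha256_of(container)
    if sha256_of(copy) != digest:  # truncated or corrupted copy
        copy.unlink()
        raise BackupRefused("copy does not match the source container")
    return digest


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:  # constructed stand-ins for real paths
        docs = Path(tmp, "Documents")
        (docs / "Clinical Practice").mkdir(parents=True)
        pgd = docs / "PGP New Disk2.pgd"
        pgd.write_bytes(b"constructed ciphertext" * 4096)
        print(backup_container(pgd, Path(tmp, "F"), docs / "Clinical Practice",
                               Path(tmp, "thumb")))
```

The returned digest can be kept with the backup and compared again before a restore.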



  • 13.  RE: PGP WDE HIPAA Compliant?

    Posted May 25, 2012 07:55 PM

    Tom,

    Thanks for your help and sticking with me on this. It is finished. Encrypted and all backed up.

    David



  • 14.  RE: PGP WDE HIPAA Compliant?

    Posted May 25, 2012 08:54 PM

    You are welcome - glad your needs have been met!