One of the things that most computer users know is that files contained on personal computers and laptops often contain very sensitive information. Users can share those files with people for personal reasons, but more often than not it is business that requires users to share files and information most often. Especially with peer to peer file sharing where many users can have access to the same files and thus the same information, it is a good idea to take some simple steps to clean up those files of any sensitive information that can fall into the wrong hands. This is a fairly easy process to do for pc users, and although mac users do not have the same concerns, they can benefit from the added security awareness, too.
Sanitizing files involves removing all the very sensitive information from program files. This is usually information that is private and should be regarded as confidential. There are also properties within files that can contain sensitive information as well, and these should be carefully looked into for computer security. Often in business scenarios and non profit organizations, the management will have a policy in place that clarifies what is regarded as sensitive information. For the home office, the uncertain user should consult a legal professional to ensure that a home security policy is in compliance with state and federal regulations.
The information that needs to be protected includes things like credit card numbers, private phone numbers, and private addresses. It can also include things like sensitive passwords, social security numbers, birth dates, and the gender of users if there is more than one user on that computer. Finally, financial data should also be considered sensitive. What some people may not realize is that demographic information is collected on people all the team by various companies and organizations, and sensitive information that is acquired by an outside attacker can be sold to those parties, often for considerable sums.
The process for file sanitization is fairly straight forward. The user simply has to carefully review each file for sensitive content and delete that content. The simplest way to delete sensitive content is to replace it with block text or keyboard underscores. File properties often contain sensitive information as well, and the user simply has to open the file properties tab and remove the pertinent information. Some files do not allow the user to make changes to the information listed within file properties, but these are usually tied to very specific programs.
One of the other things that users can get a better understanding of with their files is knowing what kind of file can constitute a threat. For instance, when users share files, it is a good idea to check the file extensions on the file names just to be certain they are not inadvertently downloading programs designed to compromise their computer security. These might be files ending in names like “.exe” and .”wma”, and even some of these files an attacker can mask to disguise the file itself. So, be certain to check files thoroughly.
File sharing does not have to be dangerous so long as the user is careful. Sensitive information should be removed from files that are going to be shared with others, because file sharing allows everyone access to that information.
Editor’s Note: David Hawk writes for tech blogs and uses Brainloop document sharing to protect his file transfers.