Learn to encrypt your sensitive data.
Properly used, encryption is a surefire way to keep information and communications secure.
At its most simple, encryption works by using a mathematical formula to scramble data, which can only be unscrambled with a specific key and/or pass phrase.
As a journalist, you store and transmit a great deal of information. Some of this information may be sensitive and/or put you and your sources at risk. You might want to encrypt this information in order to protect it.
Encryption in some countries has legal restrictions on use so you will need to consider that before crossing borders and/or working in certain countries. Research on this should form part of your risk assessment.
Encrypted messaging apps and internet calls
There is a wide range of tools that encrypt communications. This means that your messages are encrypted while they are in transit from the sender to the recipient. They are no longer encrypted when you open up the message on your phone. If someone gains access to your device either remotely or physically then they will be able to read your messages.
The tool that you use will most likely be dictated by the preference and situation(s) of the people that you need to communicate with and the country you are in. You should always try to speak with your sources using the most secure method possible and be informed about who makes the tool that you are using. All companies store data on their users, which can be subpoenaed by governments and used to build a case against you. Some companies keep more data than others, so finding out how much data they keep is vital.
Here are some common encrypted messaging services:
You can use different types of software to encrypt your email, which usually encrypts “end to end”. If used correctly, end-to-end encrypted email can be a very effective way of communicating securely with others.
End-to-end encrypted email means that the content of your email is encrypted and can only be decrypted by the recipient. The recipient will also need to use end-to-end encrypted email. Be aware that the title of your email, the email details of the sender and the email details of the person receiving the email are not encrypted.
There is different software that you can use to encrypt your email. Remember, encrypted email will only work if the person you are sending the email to is also using encrypted email. You should always update your software to protect it against security vulnerabilities.
Encrypted email can be complicated to set up and is not always convenient. There is currently no way to send encrypted email from your phone, for example.
Here are some common ways to encrypt email:
Encrypted cloud services
Journalists frequently back up documents to the cloud. Some popular services include Google, iCloud and Dropbox. These may be perfectly suitable for many users, however you should be aware that your documents are only as secure as the service they are stored on. Some of these services have been breached and data on users has been taken.
If you are storing especially sensitive documents and/or material, or are concerned that you might be targeted directly by an adversary, you may want to use an encrypted cloud service.
Some examples of an encrypted cloud service include:
Encrypt your devices
You may want to encrypt the drive on your computer which is known as full-disk encryption. This is relatively easy to do and can be an effective way of protecting your data. Please be aware that travelling to and/or working in certain countries with encrypted devices is illegal.
Turn on full-disk encryption for your computer:
- Bitlocker for Windows
- Filevault for Mac
Extra reading on encrypting your computer:
Most newer phones have encryption as a default model. This means that information on your phone is encrypted when it is being stored or sent. However, if you want to prevent your data being physically accessed you will need to encrypt your information and protect it with a passphrase. If your phone is not encrypted and you want to encrypt your device you can turn on this option in the security settings section of your phone.
Your phone will normally back up information on your device to the cloud service. If you are using an iPhone it will back up information to the iCloud. If you are using Android then it will back data up to Google Drive. Be aware that the information in the cloud may not be encrypted.
You may want to remove data from your phone if it is lost or stolen. To do this you will need to set up your phone to remote wipe. Turning on this feature will give Apple and Google access to the location of your device at all times.
To set up remote wipe:
- Find my iPhone for iPhone
- Android Device Manager – you may need to enable ‘remote lock and erase’
You may want to use encrypted apps to communicate with others. Please see our guide on encrypted communications for more information on this.
Encrypt your files, your hard drive and USBs
If you want to keep sensitive documents safe you might want to consider encrypting them. All major computer systems have their own methods for encrypting, so you should check which one is available on your computer.
Encrypt your website
See our guide on you and the Internet for information on this.