...containers inside a partition that act like a hidden disk within a disk. Other users see only the data in the "outer" disk.
Disk encryption products can be used to encrypt removable USB drives, flash drives, etc. Some allow creation of a master password along with secondary passwords with lower rights you can give to other users. Examples include PGP Whole Disk Encryption and DriveCrypt, among many others.
#6: Make use of a public key infrastructure
A public key infrastructure is a system for managing public/private key pairs and digital certificates. Because keys and certificates are issued by a trusted third party (a certification authority, either an internal one installed on a certificate server on your network or a public one, such as Verisign), certificate-based security is stronger.
You can protect data you want to share with someone else by encrypting it with the public key of its intended recipient, which is available to anyone. The only person who will be able to decrypt it is the holder of the private key that corresponds to that public key.
#7: Hide data with steganography
You can use a steganography program to hide data inside other data. For example, you could hide a text message within a JPG file or an MP3 file, or even inside another text file (although the latter is difficult because text files don't contain much redundant data that can be replaced with the hidden message). Steganography does not encrypt the message, so it's often used in conjunction with encryption software. The data is encrypted first and then hidden inside another file with the steganography software.
Some steganographic techniques require the exchange of a secret key and others use public/private key cryptography. A popular example of steganography software is StegoMagic, a freeware download that will encrypt messages and hide them in .TXT, .WAV, or .BMP files.
#8: Protect data in transit with IP security
Your data can be captured while it's travelling over the network by a hacker with sniffer software (also called network monitoring or protocol analysis software). To protect your data when it's in transit, you can use IPsec — but both the sending and receiving systems have to support it. Windows 2000 and later Microsoft operating systems have built-in support for IPsec. Applications don't have to be aware of IPsec because it operates at a lower level of the networking model.
Encapsulating Security Payload (ESP) is the protocol IPsec uses to encrypt data for confidentiality. It can operate in tunnel mode, for gateway-to-gateway protection, or in transport mode, for end-to-end protection. To use IPsec in Windows, you have to create an IPsec policy and choose the authentication method and IP filters it will use. IPsec settings are configured through the properties sheet for TCP/IP, on the Options tab of Advanced TCP/IP Settings.
#9: Secure wireless transmissions
Data that you send over a wireless network is even more subject to interception than that sent over an Ethernet network. Hackers don't need physical access to the network or its devices; anyone with a wireless-enabled portable computer and a high gain antenna can capture data and/or get into the network and access data stored there if the wireless access point isn't configured securely.
You should send or store data only on wireless networks that use encryption, preferably WPA, which is stronger than WEP.
#10: Use rights management to retain control
If you need to send data to others but are worried about protecting it once it leaves your own system, you can use Windows Rights Management Services (RMS) to control what the recipients are able to do with it. For instance, you can set rights so that the recipient can read the Word document you sent but can't change, copy, or save it. You can prevent recipients from forwarding email messages you send them and you can even set documents or messages to expire on a certain date/time so that the recipient can no longer access them after that time.
To use RMS, you need a Windows Server 2003 server configured as an RMS server. Users need client software or an Internet Explorer add-in to access the RMS-protected documents. Users who are assigned rights also need to download a certificate from the RMS server.
Talkback
This post has been removed by a moderator.
Very nice and informative article regarding protection of data. Data security has always been a concern for me and I always prefer having strongest security for my important files that I keep on my computer and portable drives. I would like to add another simple way to protect data i.e. by using a file encryption and folder locking software Folder Lock. I have been a folder lock user for a long time now and it has always helped me just like the way I like both on my pc and external drive. Why I recommend this software is because, the security is actually unbreakable just like its been developed exactly for security conscious people like me. Other than locking and encryption it provides extra facilities like automatic protection after idle time, shut down computer after wrong password attempts to access my data etc. So if you are really concerned and you have got extra sensitive stuff on your pc, other than using the above techniques for protecting data, give Folder Lock a try.