I am trying to research the best way to protect jpg files. I am conducting a research program whereby archival records are photographed for consultation outside the archives. I am required to explain how I will protect these files as they contain personal and private information. Any thoughts or directions as to where/what I should be looking at?
Robust security. A password-protected enterprise USB/hard drive is OK, but I'm thinking the individual files could be encrypted too. They have a whole host of rules when using digital info. For example, the computer you use to view the files cannot be connected to the internet or any network in any way, it has to have paid-for virus protection software, and so on. I need to show I know what I am doing, I have thought about and taken seriously a security program to protect people's private information and I can take action on my proposed plan. When I search on the net for some of these things all I get are theoretical papers from Computer Science departments or cheap crappy-looking encryption software. I feel like I don't have the right terminology to start researching.
What kind of level is this research? How good are you at programming? The antivirus and offline thing wouldn't work: you can always make an antivirus ignore some programs and they could just save the files on the PC. When they disconnect from you, they can connect to someone else and upload the pictures.
What would work, however, is something similar to Blizzard's Warden. When you play their games, it always monitors which processes monitor the game, and if they detect something, they disconnect (or even ban) the player. You wouldn't need the offline restriction, nor an antivirus, if you're good at programming.
I agree it is debatable how well the offline requirement would secure anything, and that paid-for anti-virus is not necessarily going to make things more secure. Nevertheless, this is what they require and it is clearly stated as a requirement in a legally binding document. Any deviation from their stipulations could result in my loss of research privileges and criminal charges. So, it matters little what you and I might think is best; these are non-negotiable requirements.
As for research I can figure many things out. I figured out how to run ESXi by myself, but I have no formal computer training and can’t program.
I don’t need a program to handle real-time intrusions. I just need a robust plan. For example, digital photos taken at archives, transferred to laptop in reading room (laptop clean install of OS and never connected to internet during research period (?)), camera memory deleted. Laptop USB/hard drive password protected and individual photos encrypted/password protected. USB/hard drive stored in a locked safe at such and such address… you get the point. Not sure about the laptop not being connected to the internet, as they require all updates to be installed (part of binding legal agreement).
What I’m trying to understand is what the most robust way is to secure the actual digital files beyond passwords.
Could you define "robust"? I am not a native English speaker and I am not entirely sure which meaning of the word you are trying to use.
Also, I missed the point that you had to follow the exact plan. To be honest, nothing apart from passwords will help - computers are made in such a way that they are not secure. After all, they are computational machines, and who would want to hide numbers?
Robust in this situation means well rounded, well developed, well researched, anticipating counter-arguments, pointing out flaws in the plan and providing proactive solutions. They know no plan is perfect, but they want to see how you plan to overcome these issues as best as is realistically possible. This also shows that you are invested in the process and not simply "filling in the blanks" on the Research Agreement form.
I don't really know what to tell you. You would at the very least need a viewing program that doesn't let you copy the images. Secondly, as long as you use .rar encryption with a password of 12 characters or more, the images will be safe, as no one will be able to crack the password.
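
The per-file password encryption discussed in this thread, as an added example that is not part of any post: each .jpg is encrypted individually and then decrypted again to confirm it round-trips before the unencrypted copy (for instance the camera card) is wiped. It assumes OpenSSL 1.1.1 or later and `sha256sum` are installed; `ARCHIVE_PASS` and the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example (not from the thread). Assumes OpenSSL 1.1.1+ and sha256sum.
# The passphrase is read from the exported variable ARCHIVE_PASS (hypothetical
# name), so it never appears on a command line or in the process list.
# Note: "openssl enc" with CBC is not authenticated encryption; the hash
# comparison below catches a failed or corrupted write, not deliberate tampering.

ITER=600000   # PBKDF2 iterations: slows down password guessing

# encrypt_file <plain> <cipher>: AES-256-CBC, key derived from the passphrase
encrypt_file() {
  openssl enc -aes-256-cbc -pbkdf2 -iter "$ITER" -salt \
    -pass env:ARCHIVE_PASS -in "$1" -out "$2"
}

# decrypt_to_stdout <cipher>: writes the plaintext to stdout, never to disk
decrypt_to_stdout() {
  openssl enc -d -aes-256-cbc -pbkdf2 -iter "$ITER" \
    -pass env:ARCHIVE_PASS -in "$1"
}

# protect_dir <src> <dst>: encrypt every .jpg in <src> into <dst> and return 0
# only if each ciphertext decrypts back to bytes identical to its original.
# It deletes nothing; wipe the originals only after it reports success.
protect_dir() {
  local src dst f out want got failed
  src=$1; dst=$2; failed=0
  mkdir -p "$dst"
  for f in "$src"/*.jpg; do
    [ -e "$f" ] || continue                      # no .jpg files present
    out="$dst/$(basename "$f").enc"
    if ! encrypt_file "$f" "$out"; then
      echo "FAIL $f (encryption error)"; failed=1; continue
    fi
    want=$(sha256sum < "$f" | cut -d' ' -f1)
    got=$(decrypt_to_stdout "$out" | sha256sum | cut -d' ' -f1)
    if [ "$want" = "$got" ]; then
      echo "OK   $f"
    else
      echo "FAIL $f (round-trip mismatch)"; failed=1
    fi
  done
  return "$failed"
}
```

Export `ARCHIVE_PASS` in the session, then run `protect_dir <photo folder> <encrypted folder>` and check that every line reads `OK` before removing any unencrypted copy.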