User accounts are a good start to data protection. Setting a username and password at login is the most basic of privacy restraints. Be sure to [ http://help.unc.edu/?id=1552 ] choose a good password. For greater privacy, create a user account for each user, and use the guest account for temporary users. User accounts can be modified and created through the Control Panel. You must make a folder (and all of its subfolders) private so that they cannot be seen by other users. This is only valid for folders included in your user profile (i.e. My Documents, Desktop, Favorites, etc.). Note that the hard drive on which the user profile is located must be formatted as NTFS. For further information, refer to [ http://www.microsoft.com/windowsxp/using/security/learnmore/tips/knox1.mspx ] this Microsoft article. If your hard drive is properly formatted, make your folders private by right-clicking on any folder in your user profile (i.e. under Documents and Settings\YourUserName), then clicking Properties. Under the Sharing tab, check the Make this folder private box.

Similarly, setting permissions for files and folders can allow a little bit more privacy. Common permissions include Full Control, Read Permissions, Modify Permissions, Change Owner, and Delete. To set, view, change, or remove permissions of files or folders, right-click on that file or folder and choose Properties, then click Security.

Windows XP Professional features an Encrypting File System. When you encrypt a file or folder using EFS, only your user account will be able to access it. This means you must have a logon username and password, and it's a good idea to set it so that when it comes back from sleep or hibernation it requires a password. If you leave your user account open, anyone can access the data. Note that compressed files or folders will be uncompressed if encrypted. To encrypt a file or folder highlight it, right-click, and choose Properties. On the General tab, click Advanced, then check the Encrypt contents to secure data box. If encrypting a single file, you will be prompted to choose to Encrypt the file and the parent folder or Encrypt the file only. If encrypting a folder rather than one file, you can choose to encrypt only that folder or all files and subfolders as well.

Windows Firewall is the first line of defense for XP Service Pack 2, and is by default globally enabled. XP (no Service Pack) and Service Pack 1 users have the Internet Connection Firewall (ICF).

Windows Firewall is a stateful firewall, meaning that it observes the state of the network connections that cross it. It is turned on by default with all network communications blocked and is configured to block traffic that is not solicited or excepted (traffic which is specified to be allowed, such as from a valid program). It does not block outgoing traffic, however, and can be turned off by external programs.

Vista attempts to address the major security issues found in previous versions of Windows; Microsoft asserts that it is the most secure Windows ever developed. Vista provides a number of features designed to protect against malware and viruses which could threaten personal data as well as offering an encryption tool for further security.

A key system in Vista is User Account Control. By default, user accounts are set up as limited accounts with fewer administrative privileges. This is designed to prevent malware from taking administrative privileges and seriously damaging your data, programs, and your operating system. When you want to perform an action which requires administrative rights, such as installing or uninstalling a program, accessing and editing other users' data, or changing Windows settings, users with default privileges must enter an administrative username and password. If you have your account set with administrative privileges you will be asked to allow or deny the action. You also have the option of right-clicking on a program and choosing "Run as Administrator."

As another security measure, Vista incorporates Windows Defender (previously known as Microsoft AntiSpyware), which prevents, quarantines, and removes spyware should your system be attacked.

As with XP, Vista's Windows Firewall is a stateful firewall. A big difference from previous Windows versions, however, is that Vista's firewall also monitors outbound traffic, allowing administrators to block or allow programs from communicating with other computers on a network. This is highly advantageous in preventing personal information from being broadcast across the internet through, for example, file sharing networks, as well as stopping viruses and malware from accessing means to further damage or exploit your system.

Vista Ultimate has the ability to encrypt your entire drive through a program called [ http://www.microsoft.com/windows/products/windowsvista/features/details/bitlocker.mspx ] BitLocker Drive Encryption. This feature protects the partition of your hard drive that holds the operating system (usually the C drive) from online and offline attacks. Online attacks are those which occur when Vista is running and can be stopped by Windows Firewall, Windows Defender, your antivirus, and other software security measures. Offline attacks, on the other hand, are situations where someone attempts to access data while the operating system is not running, such as using a different operating system to bypass file permissions or booting the computer to an external disk to change the password and then log in with administrative privileges. BitLocker protects against offline attacks by verifying at every boot that no offline attack had been made; if it detects that an attack has occurred, it locks itself and only decrypts its contents when authenticated with your password.

To protect files on other drives you can use Encrypting File System. As in XP, this setting encrypts the folders and files you specify, giving you free access to them while you are logged in and encrypting them upon your closing the file. EFS is helpful in guarding files and folders from other users, but you must have administrator privileges to use the encryption. To encrypt using EFS, right-click on the file or folder and choose Properties. Under the General tab, choose Advanced. Check the Encrypt contents to secure data box and click OK. You can follow this path again to decrypt the data.

Cryptainer is designed for Windows 95-Vista. It is available for download from [ http://www.cypherix.com/cryptainer_le_download_center.htm ] Cypherix.com. Click on the download link and save the file to your local disk. Double-click on the cryle installer file and follow the setup prompts:

Once setup is complete you will see a message similar to the following example indicating the letter for your new protected drive:

Once Cryptainer has been installed, the new drive will appear under My Computer. In the example below, the Cryptainer volume appears as the F: drive:

You can immediately move all your confidential files to this new drive for protection:

Truecrypt is available for Windows 2000-Vista and Linux. It can be downloaded at [ http://www.truecrypt.org/downloads.php ] Truecrypt.org.

For Windows, extract the file you downloaded to a temporary directory using WinZip or a similar program and double click on the TrueCrypt Setup.exe file and follow the prompts.

It is not necessary to restart the operating system after the installation has completed.

Launch the TrueCrypt program. By default, you can launch the program from Start → Programs → TrueCrypt → TrueCrypt .

Click the Create Volume button to open the Volume Creation Wizard.

Create a file called Test.txt: Navigate to Start → Programs → Accessories → Notepad . Type 'TrueCrypt' in the Notepad document and save it as Test.txt.

Take the defaults and then at the screen below designate the amount of space you would like to use for storage of encrypted files.

To place a file in the encrypted volume, open the TrueCrypt application.

Click Mount. Choose Select File and browse to the Test.txt file you created. When prompted, enter the passphrase you created and the volume will be available in Windows Explorer or My Computer as the drive letter you selected. In the screen capture above the drive letter 'K' was selected.