Zombie Apocalypse - Will You Still Have Access to the Information You Need Most?

What would you do if you were caught in the aftermath of a disaster or if you became incapacitated and your loved one needed access to all of the family's important information? What if the disaster destroyed your home or forced you and your family to evacuate quickly? Given such events, you need to prepare in advance to make sure you could still live a relatively normal life. The only way this is possible is if you still have access to all the information or documents needed to be able to transact your daily affairs.

Likewise, there might be members of your extended family you need to consider having the same information in case they need to run your family's affair if you or your spouse cannot. Whatever the situation, you need to think about who else might need access to your life. To make any transition or the communication of information easier, when it comes to disaster readiness, you need to prepare a complete inventory of your digital identity and replicate it in the form of a Disaster Recovery Document.

Can't I just print it all out?

The answer is Yes, but you can't strictly rely on printed documents. The nice thing about paper is it doesn’t require power to access and is ready to go as soon as you need it. The bad thing about paper is it can get damaged easily and depending on what you need, paper can take up a lot of space. For specific documents that you need to grab quickly, paper might be the best choice, but you should keep any printed copies in some kind of waterproof package or at the very least, laminate them. Either way, if you plan on printing out a lot of documents, the weight and size will add up quickly.

Don't get me wrong, paper copies should be included as part of your Disaster Recovery Plan, but your main strategy should be centered around digital.

Digital Copies and Encryption

The easiest, most efficient way to organize, maintain, and transfer your most important information, is to create a Disaster Recovery Document and set up a digital repository of your current life. Since you will be storing very sensitive data in your Disaster Recovery Document, you must encrypt this file. If someone were to get their hands on your file, they would have access to your life. If it is encrypted, it would be much more difficult to crack it open.

Here are the steps to consider in order to organize, backup, and securely store your data. Later I will break down each component in detail.

What to Do:

  1. Gather all your family's important information into a single document or spreadsheet.
  2. Password protect this file.
  3. Desktop:
    • Create a secure, local, hidden drive or container on your desktop.
    • Place encrypted Disaster Recovery Document and your digital repository within your hidden container.
  4. Buy an encrypted USB device.
  5. USB Devices:
    • Store encrypted Disaster Recovery Document and your digital repository on encrypted USB device.
    • Keep encrypted USB device on your person at all times.
  6. Buy 2 other USB devices for back-ups.
  7. Either encrypt these USB devices or create secure, hidden drives, or containers on your USB devices.
  8. Store encrypted Disaster Recovery Document and digital repository on encrypted USB devices or within the hidden containers created on the USB devices.
  9. Cloud Storage:
    • Setup an Online Cloud Storage Account
    • Upload encrypted document to your online service.
  10. Inform people you trust where to find your digital repository should they need and most importantly, explain how they would access this information.
  11. Buy a Fireproof Safe to store important paper documents at home.

Gathering Important Information

It is truly amazing just how much information we need to run our day to day affairs. Not having it available could put you or your family in jeopardy if you can't get what you need and when you need it.

iStock-856901814.jpg

(purchased from iStock Photos)

What to collect in your Disaster Recovery Document?

  • Personal information (for each member of the family)
  • Health Information (for each member of the family)
  • Important Contacts
  • Bank Account(s) information
  • Insurance Policies
  • Real Estate Information
  • Investment Account(s) information
  • Vehicle(s) Information
  • Credit Card(s) Information
  • Other Assets or Valuables Information
  • Emergency Plan
  • Important Bills and how to contact companies
  • Location of Backup documents and how to access
  • Etc.

What to include will depend on your and your family's situation. It could be less or it could be more than what is above. The point is, make sure you have everything needed to continue to live with as little disturbance as necessary. The way I look at it is, does my wife have or could she get access to the information she needs to run the family's daily affairs if I passed away or are we taking it for granted that nothing bad will happen? If my wife and I both passed away, could a member of our extended family handle our affairs and protect our kids or are we assuming it would all just work itself out? Point being, we should all be prepared because life is fragile indeed.

Now that you have your Disaster Recovery Document, how do you secure it? I used Microsoft Excel to collect my important information so I simply password protected the file. I am sure there are a lot of people out there who would question the use of excel knowing it is not the most secure choice but because I will be storing this file in a very secure location, I am not as concerned about using excel. If you are concerned, you can always encrypt the file using something like Gpg4win which I will discuss below. Now, we need to build out our Digital Repository.

What to collect in your Digital Repository?

In your digital repository, you should have digital copies of your most important documents. Items to consider include:

  • Copy of driver's license(s) (for each member of the family).
  • Copy of passport(s) (for each member of the family).
  • Copy of social security cards (for each member of the family).
  • Copy of any needed prescription (for each member of the family).
  • Copy of most recent bank statement for each account.
  • Copy of insurance policies.
  • Copy of mortgage or title of the home.
  • Copy of most recent statement for each of your investment accounts.
  • Copy of vehicle loan(s) or title for vehicle(s).
  • Copy of most recent statement for each of your credit card accounts.
  • Copy of the last bill for each of your utilities.
  • Copy of any receipts for expensive valuables.
  • Copy of any certifications or other licenses when proof might be needed.
  • Etc.

There is a lot to consider when building our your digital repository. Not only do you need to consider what goes into your repository, you also need to think about how often it will be updated to stay current. As part of your backup strategy, any time a change in information occurs, it needs to be updated in your Disaster Recovery Document or within your Digital Repository to stay current. For accounts that are ongoing like utilities, mortgage, bank accounts, etc., you need to make sure you don't go too long before you print out a new statement and replace the existing copy. I generally update everything once a quarter but that's just me. Everyone will need to decide for themselves the risk they are willing to take by not having the most up to date information when they need it.

That's it. You now have a file that contains all your family's sensitive information and a digital repository that contains digital copies of the documents you might need to continue your life as best as is possible. The next consideration is where to store these documents.

The file I interact with on a regular basis is stored on my desktop computer. I don't just save it over to the "My Documents" folder and call it "My Family's Sensitive Secrets." Here is where I really put in the effort to protect our data.

Encryption Software

Encrypting files and folders is an important step in protecting your Disaster Recovery Document along with your Digital Repository from unwanted access. And, there are lots of options when it comes to encryption software.

vera.png

My personal favorite is VeraCrypt. VeraCrypt creates a hidden volume (container) on a desktop computer, USB device, or external hard drive that is password protected. So even if someone were able to find the hidden container, they would still need to know the password to mount the drive and access the files. It is a little more involved to setup but not overly complicated and highly effective. The beauty of this solution is that the encryption happens automatically right before it is saved and decryption right after it is loaded. And, the entire file system is encrypted, not just the file. That means all file names, folder names, contents of every file, free space, and metadata are all encrypted. When the drive is not mounted, if you looked at the file on your desktop, it is a weird little file with no extension and no way to open it.

To access the hidden volume (container), you would need to run the VeraCrypt software and then mount the volume like a mapped directory. Once you enter the password, the volume opens up and is listed like other drives you have access to on your network. Once the password is confirmed, you will see the volume along with the directory structure you created and all the files in all the folders. From there you just simply drag and drop files into any folder, create new folders, or update old documents. Once you are done, you need to dismount the drive so that it closes preventing anyone who gains access to your computer from getting access to all the information contained inside.

To get VeraCrypt up and running, here is a great tutorial.

Another option to encrypt individual files is Gpg4win. This software supports 2 different cryptography standards and is the official GnuPG distribution for Windows. GnuPG is an individual file encryption tool with support for a dozen encryption schemes, paired keys, and expiring signatures. GnuPG does not only provide local file encryption; it is a great tool for encrypted communication (email) as well.

Personally, VeraCrypt makes more sense so that you can create the container and drop files into the container as opposed to encrypting each individual file. I still use Gpg4win for email encryption and for encrypting specific files but VeraCrypt is my go-to for encrypting my Digital Repository.

Once the encrypted container was ready, I moved my Digital Repository including my Disaster Recovery Document inside and then deleted the temporary location where I built out my repository using Eraser File Shredder just to make sure there were no remnants of my sensitive information available for anyone to find. After my primary storage location was setup, I created my backups as needed.

Backup Devices

For my backups, I use a series of USB devices to backup my digital repository. I use 1 encrypted thumb drive and 2 normal thumb drives with Veracrypt containers hidden inside each.

Primary Backup Device

For my on-person backup, I use an encrypted Aegis Secure Key Thumb Drive.

clip_image004.jpg

This USB is easy to use and incorporates on-the-fly AES hardware encryption and easy access using a secure PIN. It also falls under the Federal Information Processing Standard - FIPS 140-2 security standard for hardware, software, and firmware solutions. This ensures end users receive a high degree of security especially since it is Level 3 validated.

Using a rechargeable battery, the Aegis Secure Key enables the user to unlock the drive with a 7-15 digit PIN before connecting to the USB port on a computer. By using the embedded keypad this device prevents hardware and software key logging attempts to capture your password. It can also be configured with independent user and admin PINs, making it ideal for different levels of access.

Secondary Backup Devices

Logo Sandisk.png

For my other 2 back-ups, I use SanDisk Cruzer Fit USB thumb drives. These USB drives come with SanDisk SecureAccess 3.0 built-in and once connected to your desktop, will require you to enter a password to access the information they contain. The main difference between these devices and the Aegis Secure Key mentioned above is the Aegis solution requires you to enter the password before you connect it to your computer but the SanDisk require the password after you connect it to your computer. So, if you are concerned about keylogging, the Aegis is the better option. That is the device I carry every day and I want it to be more secure because chances are, I will access it more often. The 2 Cruzer Fit USB devices are meant as backups just in case and will be accessed very little. Still, I want my data contained on all three USB devices to be as secure as possible but I didn't want to spend as much for each device, especially for those I would seldom need. So, I incorporated VeraCrypt into the mix copying the container from my desktop over to each of the USB devices. That helps in a couple of ways. For one, I don't have to update multiple locations with the same information. Well, actually I do but not the individual files, just the updated container. Second, my backup thumb drives are more secure with the added layer of VeraCrypt. But, keep in mind, you will need to have access to the VeraCrypt software as well so that you can mount the drive from within each thumb drive. For that, I just put the software on each thumb drive outside of the VeraCrypt container. That way, where ever I am, I can run the software and then access the containers.

There are a lot of other options for protecting your files on your desktop or non-secure thumb drive as well. These are not as secure but they are free. Really though, they are not free, there is a great deal of faith and risk associated with using them. They would not prevent someone with the skills and determination to access your files if they really wanted to but they might prevent most average users from gaining access to your files.

  1. Hidden files - You can hide the files on our thumb drive to make them invisible to most people who don’t know how to unhide them.
  2. Changing the file names - You can change the name of the files to something else that might not peak someone's curiosity.
  3. Changing the filetype - You can change the file type extension. That way, if someone clicked on it to open it, it would not open because the default application associated with the file type you changed it to would not understand what it was.
  4. Zipping - You can add files to a .zip folder, which will make them smaller in overall size, and can have a password added as well. A program like 7-Zip is a great option.

Cloud Storage

Once you have created your primary and backup copies of your Digital Repository and Disaster Recovery Document, you need to upload a copy to an online cloud storage service. I use Google Drive. I know there are security concerns using a cloud storage provider but again, since my data will be protected by multiple layers of security, I am less concerned.

Also, just to alleviate the need to remember to update the information on Google Drive, I sync my VeraCrypt container to Google Drive automatically. That way as changes are made to my container, a new container file is synced to Google Drive. I just have to remember at some point to delete older containers but that is not a huge concern.

There are other options if you prefer not to use Google Drive so do your research and decide on the platform that works best for you and offers the security that matches the risk you are willing to take.

Home Safe

If you do have printed material that you want to grab quickly if you need to evacuate, make sure and store them in a fireproof safe in your home. That way they are protected and if you need them, you can grab them and get out.

Final Thoughts

Obviously, one problem with storing your information digitally is that you need power and you need to be able to connect to your USB thumb drives. For power, there are lots of options to extend battery power for laptops, tablets, etc. There are also solar chargers that can be used to charge external batteries if electricity is an issue. You just need to make sure you have access to a computer, hopefully you have a laptop, that has a USB port so you can access the information contained on the thumb drive as needed.

Thinking about Disaster Readiness is a rabbit hole that we all need to go down to some degree. How far down the rabbit hole you go will depend on the risk you are willing to take with your and your family's safety. I truly hope all the work I have put into my disaster recovery plan is wasted and I never need any of it, but I wanted to be on the safe side and have it set up just in case. There is a lot of time and some money needed but overall it makes me sleep better at night knowing that my family and I have what is needed if the time comes.

H2
H3
H4
3 columns
2 columns
1 column
16 Comments