How to Secure an External Hard Drive

A stand-alone computer with an emphasis placed on physical security of the computer and controlling access to the data is the most secure computing platform for the Add Health data. An external hard drive is a modified version of the stand-alone computer, in effect keeping the Add Health data off the Internet or a LAN.

The emphasis for securing the data on an external hard drive is placed on removing the computer from the network while the external hard drive is in use, controlling access to the data directory, and physically securing the hard drive in a locked cabinet when not in use.

USB "thumb/jump" drives are not acceptable devices for this option. USB external hard drives, Firewire external hard drives, or EIDE hard drives in a Startech-type of removable device are acceptable options. The external hard drive should be larger than purse or pocket size. These external hard drives are sometimes classified as desktop models.

To make this scenario work, you need remember and do only two things:

1. Never have the network cable and external hard drive connected to the computer at the same time.
2. Always secure the external hard drive in a locked cabinet, drawer, or safe when not in use.

Prerequisites for placing the Add Health data on an external hard drive:

1. You need a private, lockable office, not a student computer lab.
2. You need your statistical analysis applications installed on your local hard drive, not on a network server.
3. You will need a new local userid on your PC. You will not be able to use your Domain Account.
4. You may use Windows 2000, XP, Mac OS X, or Linux. You may not use Windows 95, 98, or NT4.
5. You must not move the external hard drive from the location specified in your security plan (e.g., cannot move between office and home).

Follow these steps to prepare your computer for use with the Add Health data on an external hard drive:

1. Power down the computer, which resides in a locked room accessible by authorized personnel only.
2. Disconnect the network cable.
3. Connect the external hard drive.
4. Power up the computer.
5. Login using the local userid created for accessing the Add Health data.
6. Create separate directories on the external hard drive for the Add Health data and your program files.
7. Using Windows 2000/XP Encryption, or another suitable encryption program, encrypt the Add Health data directory on the external hard drive. (Make sure you do not encrypt your program and documentation directories. You may also make backup copies of the program and documentation directories.)
8. Configure your analysis software to point temporary work files to the encrypted Add Health data directory on the external hard drive.
9. Password protect your screen saver and activate after three minutes of inactivity.
10. Install a secure erasure program. This program should be run monthly and after the secure data has been removed from the computer at the end of the contract period. (Shred 2 is inexpensive and works well.)

Follow these steps each time you use the Add Health data external hard drive:

1. Power down the computer.
2. Disconnect the network cable. (Creating a hardware profile that disables the network interface card is an acceptable substitute for disconnecting the network cable.)
3. Connect the external hard drive.
4. Power up the computer.
5. Login using your local userid.
6. Do not leave your computer and external hard drive unattended.
7. Do not copy or move the Add Health data out of the secured directory on the external hard drive for any reason. 

Follow these steps when you are not using the Add Health data external hard drive:

1. Logout.
2. Power down the computer.
3. Disconnect the external hard drive.
4. Lock the external hard drive in a secure place (e.g., a file cabinet, drawer, or safe).
5. Connect the network cable.