Chapter 11: Securing and Sharing Your Data
Securing Your Data
Disk drives and devices with removable storage are formatted with a filesystem. The
filesystem allows you to create and manage files. The format of the disk that you are
working with determines the file security options that are available. You can format
disks by using either File Allocation Table (FAT) or NT File System (NTFS). As dis-
cussed in the sections that follow, FAT and NTFS are a bit different in the way they
FAT Versus NTFS
Both FAT and NTFS come in several different variations, and in some cases, the type
of device you are working with determines which variation is used. With FAT, the
number of bits used with the allocation table determines the variant you are working
with and the maximum volume size. You’ll find that USB flash devices and MP3
players with 4 GB or less of storage are formatted with the 16-bit version of FAT.
FAT16, also known simply as FAT, defines its file allocation tables using 16 bits.
FAT16 is used because it is the most efficient version of FAT for volume sizes of up
to 4 GB.
If you use devices with removable storage that have file sizes larger than 4 GB, such
as a removable hard disk, the device will in most cases use the 32-bit version of FAT,
known as FAT32. FAT32 defines its file allocation tables using 32 bits, which allows
you to have volumes larger than 32 GB. Devices with removable storage use FAT
because it has no security controls, allowing you to access your data on multiple
computers simply by connecting your device to those computers.
On the other hand, NTFS allows you to control access to files and folders by assign-
ing permissions. At home, your computer will typically have file access permissions
only for accounts configured on the local computer. At the office, your computer will
typically have file access permissions for accounts configured on the local computer
as well as accounts configured for your network. While NTFS supports just about
any volume size you’ll want to work with, you can’t necessarily move devices format-
ted with NTFS from one computer to another and gain access to all the data on these
devices. You may not be able to do this because NTFS access permissions are set
using accounts that are specific to a single computer, to a network, or to both.
All files and folders, whether on FAT- or NTFS-formatted disks, can be marked with
attributes that give you limited control over how a file or folder is used. The file
attributes you can use are: