IMPORTANT: Please take into account that you can use VeraCrypt yourself up to what we call Lvl 3 Protection without the risk of losing important data or access to your system. As long as you follow the encryption guide provided here and are careful about the things we warn you about, you should not need assistance in setting this up.

From Lvl 4 Protection onwards, we suggest that you talk to someone at the DCC for assistance. These higher levels of protection ensure that your data is harder to find and leaves less traces, but they also carry the risk of losing data by overwriting it or losing access to your operating system, IF THEY ARE SET UP INCORRECTLY. You will also have to be told about clear practices that you need to follow in order to ensure plausible deniability and the best level of protection.

In our consultation with you we have advised you on a level of protection that is ultimately just a suggestion. You can decide to get higher protection for your data, of course. Be aware, once again, that in getting a higher protection level the risk you face shifts from data leakage to actual data loss. We would ask that you follow our guidelines unless you really need a higher level of protection for your data, in which case you should request a follow up consultation with us.

In order for VeraCrypt to provide effective security, the user needs to be aware and follow a number of guidelines that are listed here in short form and in their entirety in the VeraCrypt manual. Please refer to the VeraCrypt manual (pp.90-99 in the pdf or the Security requirements and precautions section of the online documentation) for a more detailed explanation.

Before we go into detail, there are four golden rules you want to follow:

• Mount your VeraCrypt volumes only when you work with them. Once you are done, make sure you dismount your volume(s). If you do not require a specific volume to be mounted, never mount it in the first place.
• Always lock your machine when you are not working with it. If you are about to leave your machine unattended for more than ~5 min (bathroom break, quick coffee grab, etc.), dismount EVERY VeraCrypt volume and mount them again when you come back.
• Never take sensitive data out of the VeraCrypt volume. If you have to copy or create a new file, make sure that you move files or create them in a VeraCrypt volume. Files taken or created outside of the volume might leave traces of information on unencrypted parts of Windows.
• When you are done working with a VeraCrypt volume, always dismount it, turn off your machine, and leave it turned off for a few minutes. If you have to continue working on non-sensitive data later, you can safely resume your work after the computer has been shut off for said period of time. This is to ensure that information on the VeraCrypt volume doesn’t stay stored in RAM.

Hereafter are some practical steps you should take to ensure that information on your data or the VeraCrypt volume does not accidentally get left unencrypted. Click here to display the list of precautions and their step-by-step guides.

→ Move to the next step