Best way to partition a clean install?

Windows and programs on 1 partition, data on the other.

Encrypt the entire drive.

It`s not a home computer, he says he takes it with him internationally.

Ya I agree encrypting is a waste of time too, anyone can hack it with Linux.

Like Jimbo says, unless you work for NASA or the Government, no none cares what`s on your computer, they`ll just reinstall windows and keep it or try to sell it.

But the partitioning suggestion I gave still stands, and most people would agree.

jimbo45 said:

Hi there.

Encrypting a drive on a home computer IMO is just a waste of time -- it adds complexity if you need to recover your system or copy it to a new machine. If this computer is also used at work then that's another issue - most workplaces have computers usually equipped with bitlocker or something similar and external usb devices if they are allowed at all are also encrypted.

On home computers - ask yourself why do you need encryption -- hopefully you aren't working for CIA / MOSSAD etc. Any private or sensitive data just store off line.

In any case once you start transmitting stuff to the internet the data isn't encrypted at that point (even through a VPN) as the target site has to be able to handle your requests. The only exception is that if you logon to say a works VPN that will be encrypted both ways but for requests outside the VPN to "the public internet" will just go in plain text. So even if say your banking password is scrambled (the bank's software at the other end will verify it's ok) a malicious user could intercept your request and logon to your bank.

Most people have utterly no conception of how "leaky" the internet is --fortunately for around 99.9% of us mere mortals it doesn't actually matter and the benefits of an open Internet are far greater --the fact that govts for years have been racking their brains out trying to find schemes to control it -- fortunately they' ve failed and will continue to do so.

If you use the Internet intelligently there shouldn't be any problems --just be aware of what you are doing and understand the limitations.

Cheers
jimbo

I mostly agree but if OP travels internationally a lot, I think some encryption is not a bad idea to help protect his personal data, not just work related data.

I have travelled to many countries and in some, I would not trust even hotel staff or Police etc to steal the laptop if left unattended.

Things like bank account details are what are more likely to be the target.

Sure encryption is not going to stop real experts but does reduce risk.

Ok, to answer your question

It's best when installing windows to do so to an empty unpartitioned drive, This will then automatically partition the drive in the way that the current build of windows is happiest with.

Once at this stage with everything you need installed and running you can look to partition the system.
You will know your systems liability to grow better than us so decide on a suitable size for the system partition and shrink the partition and create a fresh data partition, to the right of the system partition, (If windows has created a recovery partition at the extreme right of the drive, Leave it alone and create the data partition in the space available).

If you use the Location feature it is simple to move the user folders, (documents, Downloads Etc), to the data partition, (this is a good idea if you have applications that insist on saving to these folder trees)

If you do deal with confidential business data, (which is more likely to be valuable to a thief than government data that is normally outed regularly), then you could encrypt the data partition, or create two partitions one for day to day use and an encrypted store for "private" data but in this case I would suggest an encrypted USB pen drive, (with encrypted online backup if you are actually modifying the data whilst travelling), which adds physical security to the mix ( Even if the laptop is stolen, if you have the PenDrive with you at all times than the data is better protected)

Ransomware protection is an essential these days and most of the major security suites include some form of folder protection. which can be a PITA to use but the price we all pay today

Hi there
OK if you take computer out or travel with it then another issue --however if it's say a home computer / desktop type of thing then IMO the most sensible system is to back up sensitive data and store off line.

Incidently another possibility (haven't yet seen it implemented but could be) is that at logon time you get say 3 attempts after which the whole HDD is garbled and you would have to do a restore unless you could supply a special key number which would unscramble your HDD. No reason not to use some of the techniques the Ransomeware lot have cooked up for decent legitimate purposes. !!!!

Modern laptops are not easily opened and often the SSD is fixed to the mobo so a thief wouldn't get any joy by simply swapping the HDD.

As far as data is concerned I really don't have anything on a laptop that anybody would have the slightest interest in .

I'd love to see potential thief making any sense of some geothermal energy system reports and data written in Icelandic --they'd be welcome to have those !!!!!!. My email would also be equally baffling !!!!

I'd also like to see the look on any buyers face if a potential thief wanted to sell my laptop with Icelandic keyboard and Windows installation -- I'm sure suspicions would be aroused if some "illegal immigrant" was trying to flog it !!!!!!!

However if extra security gives people peace of mind --so be it --better to have too much than absolutely none at all. However in a recovery situation it makes for much more complex processing and I have seen people lose data because of this.

Cheers
jimbo