What steps have you taken to secure the data on your laptop or desktop PCs? Unfortunately, crafting a tricky login password will only protect you from the most casual of data thieves. Anyone with even a modest knowledge about PCs knows workarounds to crack into your hard drive. If your computer falls into the wrong hands, your company’s data could be vulnerable.
The best way to protect data on your computer is to encrypt the entire hard drive.
Keep Data Safe
Although encryption may seem excessive, your data — and especially the data provided by your customers — often contains sensitive information.
The Health Insurance Portability and Accountability Act (HIPAA) already has many organizations putting hard drive encryption in place. But many other firms also have customer names, credit cards, financial information, or other kinds of data they must protect. And what if you operate in a state that requires companies to publicly disclose if data goes missing? Confirming the data was highly encrypted dramatically reduces public relations risks.
For all these reasons, encrypting hard drives should be standard operating procedure — especially for laptops, but also desktops.
How Encryption Works
In basic terms, encryption uses two components: an encryption key, and an encryption algorithm. Both components are necessary to transform hard drive data into unreadable code known as cipher-text. The encryption is uniquely dependent on the encryption key used, so both components work together to transform it back.
Full disk encryption protects the entire hard drive while your system is off. You cannot start Windows at all without first entering the correct password in a pre-boot authentication screen.
Also, if someone removes the hard drive, they cannot read it from another system, because all the data remains encrypted.
What to Look For In Hard Drive Encryption
Different systems encrypt data in various ways. While almost any encryption is better than none, there are a few specific things to consider:
- Level of encryption — There are many forms of encryption algorithms available, with varying degrees of complexity that make some harder to crack than others. Some of the stronger flavors of encryption include 3DES (2x 56-bit encryption), Blowfish (a 64-bit block cipher with a single 128-bit encryption key), and most importantly, the Advanced Encryption Standard (256- bit encryption). Also, if you have managed users, look for whether the RSA Algorithm secures the exchange of the encryption key between client and server, so that critical piece of code is protected while in transit.
- Password resets — If a user loses the encryption key, how can it be securely reset? Ideally, it should be through direct communication with an IT administrator who can confirm the identity of the user.
- Client-Server Communication — Make sure that custom firewall rules aren’t required in the event that an administrator needs to make changes such as a password reset.
Lock Data Down
Many organizations take extraordinary steps to secure their network and facility, and backup their data, but then overlook how simple it is for a laptop or even a desktop PC to go missing. Encrypting your hard drive is a straightforward means to eliminate a potentially devastating risk.
To discuss hard drive encryption or any topic related to protecting your organization’s data, just get in touch.