How Encryption Works on Your Computer

You have probably heard people talk about using encryption to protect themselves and their information. Let’s look at what encryption is, how it protects you, and how to implement it properly.

Why Use Encryption?

You might have sensitive information on your devices, such as documents, pictures, and emails. If one of your devices were to be stolen, all of your sensitive information would be in someone else’s hands. Encryption protects you in these situations by helping ensure unauthorized people cannot access or modify your information.

How Encryption Works

Encryption converts information into a non-readable format called ciphertext. Today’s encryption works by using complex math operations and a unique secret key, converting information into ciphertext. The key locks or unlocks the encrypted information. Your key could be a file stored on your computer, a password, or a combination of the two.

What Can You Encrypt?

There are two types of data to encrypt:

• Data at rest – data stored on your device
• Data in motion – email or messaging or sharing on networks

Encrypting data at rest is vital to protect information in case your computer or mobile device is lost or stolen.

Full disk encryption (FDE) is a widely used encryption technique that encrypts the entire drive in your system. This means that everything on the system is automatically encrypted for you.

Today, most computers come with FDE but you might have to manually turn it on or enable it. FileVault is used on Mac computers while Windows computers can use Bitlocker or device encryption. Mobile phone encryption for the iPhone and iPads automatically enable FDE once a passcode has been set. Starting with Android 6.0 (Marshmallow), Google is requiring FDE to be enabled by default provided the hardware meets certain minimum standards. Please check with your device manufacturer to determine if it supports FDE.

Information in motion is also vulnerable.

If data is not encrypted it can be monitored, modified, and captured online. This is why you want to make sure that all sensitive online transactions and communications are encrypted. A common type of encryption for data in motion is HTTPS. This means that traffic between your browser and a website is encrypted. Look for https:// in the URL, a lock icon on your browser or your URL bar turning green.

Key Things to Remember

• Your encryption is only as strong as your key.
• If using a passcode or password for your key, make sure it is a strong, unique password.
• The longer your password the harder it is for an attacker to guess or brute force it.
• If you can’t remember all of your passwords we recommend a password manager to securely store your passwords.
• If your device has been compromised or is infected by malware, cyber attackers can bypass your encryption or leverage your secret key to decrypt the data if your key is not stored securely. It is important you take other steps to secure your devices including using anti-virus, strong passwords, and keeping them updated.