How Full Disk Encryption Works

Full disk encryption is a data protection method that is used to encrypt every single data file on a hard disk. It is generally used as an added measure for encrypting data within an organization and in conjunction with other data protection methods. Full disk encryption is also used to protect the data that is stored on the hard drive of laptop computers and other portable devices within an organization so when they are used in a remote work area, the data can also be accessed only by the remote user through the use of an authentication device.

How Full Disk Encryption Works

Full disk encryption systems employ strong encryption algorithms that are used to automatically encrypt data as soon as it is stored on the hard drive of a computer or other portable storage device. This type of encryption system is used to ensure that the end user does not forget to encrypt data or select only pieces of data to be encrypted. This way there is no question about what type of data should be encrypted and provides reassurance that the encryption policies of the organization are being carried out.

Disadvantages of Full Disk Encryption

One drawback of full disk encryption is that it does not encrypt data during the process of transmission when the information is being shared between devices or stored on portable devices such as a flash drive or external hard drive. It also does not protect data that is being transferred over the email from a computer that contains full disk encryption.

Another disadvantage is sometimes full disk encryption requires the entire computer operating system to be decrypted before you can boot up the computer. This means the decryption key has to be accessed before you can get to the interface that requests a password for access to the system.

Advantages of Full Disk Encryption

When an organization employs full disk encryption it is no longer up to the user to decide which files to encrypt for data protection. Whatever files are on the hard drive, they are automatically encrypted and require a password or smart card for access. Everything is encrypted including the computer's temporary files which are capable of revealing sensitive data.

Full Disk Encryption can also prevent the wrong user from accessing the data with a smart card. The smart card is the authentication device that allows the system to retrieve the key that will decrypt the files on the hard drive. The key provides added security because the data can immediately be rendered useless by destroying the cryptography key.

Full disk encryption systems allow for all of the functions to be managed from a central location within the organization. This includes functions such as decryption key management, access control to the mobile devices, lock-outs if necessary, reporting and recovery of lost passwords or smart cards.

Log in or sign up to comment.

Post a comment

Log in or sign up to comment.
Identity theft comes in many forms.

A person\92s identity can be 'borrowed' for the purpose of creating fictional credit cards or a person\92s entire identity can be usurped to the point where they can have difficulty proving that they really are who they claim to be.

Up to 18% of identity theft victims take as long as four years to realize that their identity has been stolen.

There are many ways to protect your personal identity and many steps you can take to prevent your identity from being stolen:

*Never give out unnecessary personal information
*Never provide bank details or social security numbers over the Internet
*Always remain aware of who is standing behind you when you type in your personal credit codes at ATM machines and at supermarket checkout swipe machines.