We all know that we need to protect our data from unauthorised access and we spend much time and effort making sure it doesn’t happen. We are also familiar with the use of passwords as one method of doing this – whether that’s a password to protect our device, or a specific folder or application.
However, we are also increasingly encouraged to ensure our devices are encrypted as another way of deterring those who would desire access to our information. But if you’ve got your device protected with a password, and possibly Multi Factor Authentication, and maybe even a fingerprint or facial recognition, is encryption really necessary? After all, these should be enough to stop access to our data, right?
It is true that passwords and biometrics can be used to prevent access but this does not go far enough.
Whilst it’s not so easy with phones and some more modern laptops, it is a simple matter to remove a drive and place it in another device, allowing that device to access the data without the need for the password or the biometric information.
It is also possible to bypass the usual bootup procedure on the original device, for example load up a non-Windows operating System on a PC, and access the previously “protected” files that way.
Whilst it’s gotten a little more difficult to do in recent years, it is still relatively easy for anyone with the knowledge and tools to do it. So it goes without saying that you need a means to prevent it.
That means is encryption. Essentially this ensures that the data on the device is encoded and cannot be read without the decryption key. Placing the data drive in another device does not work as that new device doesn’t know the key. Similarly, booting up a different operating system wouldn’t work as that also does not know the key.
How do you ensure a device is encrypted? Modern mobile phones and tablets have an encryption option so make sure it is enabled. Macs have File Vault which will handle this for you and this is enabled by default on new Macs.
On a Windows computer it’s a bit more complicated. Windows 10 Pro comes with Bitlocker which will encrypt the drive for you but is NOT enabled by default. For most computers made in the last five years you can set it and that’s it (but do make sure you make a backup copy of the encryption key), but for older ones it can be a little more convoluted. So we would advise speaking to your IT provider before encrypting your computers.
Unfortunately if you are a Windows 10 Home user, this does not offer encryption – you would need to update to Windows 10 Pro to do it. This means of course that we would always advise buying computers with Windows 10 Pro for your business. It’s a security risk otherwise.
So in summary, yes you DO need encryption and passwords and you should ensure that all of your devices, particularly those that are portable (i.e. easier to steal or lose) have both.
If you’re not sure about hoe to go about encrypting your devices then get in touch with us here at RedFez. We’ll be glad to help.
For more information on encrypting Windows devices, you can read Microsoft’s guidance here.