There is something to be said about the convenience of full hard drive encryption software like AlertBoot, as opposed to the use of file encryption software. Granted, both are excellent ways of protecting sensitive data. However, one is more foolproof than the other. (I'm referring to hard drive encryption, of course.)
Also known as full disk encryption (or whole disk encryption), hard drive encryption does exactly what its name implies: it encrypts the contents of an entire hard drive. However, the wording here is very important because it implies something that hard drive encryption doesn't do.
If an unencrypted hard drive resembles a box where you can place sensitive documents, an encrypted hard drive is like a safe with locks. I find this analogy to be very helpful in explaining how full disk encryption does not encrypt your files.
Remember, encryption is the process of scrambling data. This means that, if files are encrypted, that file undergoes a change (the scrambling process). If you copy that encrypted file to a USB memory stick or send it via e-mail, the file will remain scrambled.
However, this is not so with hard drive encryption. That is, the file will remain encrypted as long as it stays within that hard drive, but if the file is taken off the drive, then the file not be encrypted anymore.
And that's why the locked safe box analogy works to illustrate the point. Placing a document in a safe doesn't materially change the document itself. The protection is afforded by the safe. Take the document out of the safe and it faces a significantly higher risk of its contents being read like normal, regular files.
And yet I noted at the top of the page that hard drive encryption is foolproof. How? you may be asking.
The answer has to do with the way computers create temporary files, and the availability of excellent search software.Temporary files are created whenever you work on a digital document. You probably can't see them, since the settings for the latest versions of Windows are automatically set to "do not show," but opening a Microsoft Word file and just typing one letter will create a temporary file, a file with a name that ends in ".tmp."
These are created left and right as significant changes are made to the original document, and usually carry the same information as the actual file. Temporary files do not overwrite themselves, so plenty of these are created over a given hour. These files are supposed to delete themselves once you close the original…but it doesn't always work that way.
This means you may potentially have hundreds, maybe thousands, of temporary files on your computer. Whether the information in those files are sensitive, nobody knows. In the past, it would have meant having to open every single one of them in order to find out, and this afforded a form of protection known as "practical obscurity:" It's annoying to open thousands of files knowing that there may be nothing of interest there, so most people don't even bother.
Today, however, there is plenty of (cheap) software out there that will do the search for you. For example, software that peers into files to see if 9-digit numbers can be found, potentially numbers that represent SSNs. Credit cards are usually 16 digits, longer if they happen to be American Express. The software can account for dashes, spaces, etc. Finding sensitive information has become a piece of cake.
Who's going to take the time to encrypt temporary files? No one, and this could be a potential data breach source. If you encrypt entire hard drives, though, this won't be a problem. You do need to remind yourself to encrypt any files getting off of that drive, though.
If I may go on a tangent, I was a supporter of the seti@home project when it started gaining momentum, back in 1998. The seti@home project is a distributed computer processing project that analyzes space signals from the Arecibo observatory (They're looking for E.T. No, for real; they are).
I wouldn't have done it, though, if my computer were to experience a performance hit. But that was never an issue because I mostly used my computer for typing reports and running small spreadsheets. Even if I were to type 300 words a minute, the computer was probably doing the equivalent of twiddling its thumbs a million times between my keystrokes.
Likewise, performance hits coming from full disk encryption are minimal at best for the average computer user. Computer performance used to be an issue in the past (like 10 years ago) because the hard drive continuously encrypts data as you're creating and modifying documents. But with modern computer hardware, you shouldn't notice performance hits unless you make it a point to track that stuff.
All in all, hard drive encryption represents an excellent way of safeguarding your electronic data.
Pingback from Encrypt Entire Hard Disk Drives For Full Protection - AlertBoot Endpoint Security