in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

What Is Disk Encryption?

Disk encryption goes by many names: full disk encryption, whole disk encryption, drive encryption, and other myriad combinations using the words "disk" and "drive."  Essentially, it is encryption specifically designed to protect the entire storage device on your computer, as opposed to securing electronic files individually and independently.

  • How is disk encryption different from file encryption? How file encryption is actually better
  • Why use disk encryption?  Sometimes it's more convenient and also more secure

In fact, explaining how file encryption is different from disk encryption better illustrates what disk encryption is and what it does.

How Does Disk Encryption Differ from File Encryption?

The working principle for disk encryption and file encryption is the same.  The difference lies in what is being encrypted.  In file encryption, as the name amply implies, it's the individual files that are being protected with encryption software.

This means that you can email the encrypted file; save it to a USB flash disk; FTP it to another server; etc. and the file will remain secure since the encryption is a the file level (think of it as the encryption travelling with the file).  The same is not true for disk encryption.

If you have a document in an encrypted disk and you send it to someone else via email, an unencrypted copy will be sent to the recipient because it's not the file that is encrypted, it's the disk that is encrypted.  Think of disk encryption as a strong box or safe: as long as a document is securely locked in that strong box, the documents are protected.  Send it via mail and it's only as secure as the post office and recipient allows it to be.

In a similar vein, an encrypted digital file would be like taking a paper document and manually re-typing its contents following a strict letter-substitution scheme.  After successfully making the substitution, it doesn't really matter whether the document is in a strong box or not: without knowing how to decipher the contents, the document is safe (because it looks like gibberish to the untrained eye).

Why Choose Disk Encryption?

Let's look back at the "paper world" example I've given.  Would you choose placing a document in a strong box or re-typing everything (and typing it back when you need to read it, and then re-typing it back when you're not, and then typing it back...you get the idea) when you need to ensure a document's security?

Most people choose the former.  Placing a document in a strong box is more practical and efficient and (arguably/potentially) provides more security because it's so simple.  For example, what if someone filches a document because you're so occupied re-typing some other document?

The same argument holds in the electronic realm, despite the fact that a computer is doing all the "rewriting."  In this era of exploding content, it'd be quite the chore to identify the files that require protection and then applying encryption to them.  You could have hundreds or thousands of them.  Plus, due to how computers operate, temporary files that are duplicates to what you're working are written all the time, unbeknownst and untrackable to you.  You cannot apply file encryption to such files since it'd be impossible to identify them in the first place.

Over 60% of all data breaches are credited to the loss or theft of computers and their hard disks.  In such an environment, the use of disk encryption like AlertBoot -- where everything that resides on a computer -- is the better solution.

 
<Previous Next>

Full Disk Encryption: Prince William County Elementary Hard Disk Disappears, Found

Disk Encryption in Mac OS X Lion

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.