In 2017, the FBI failed to break into nearly seven thousand smartphones because of encryption (opens in new tab). There are some who believe this is a bad thing. After all, how can law enforcement do its job if it cannot access critical files on a criminal's device?
Ultimately, however, encryption is an important step in protecting both yourself and your privacy. That applies to your PC just as much as it does your smartphone, too. Unfortunately, most people don't pay that much mind.
They leave their most important and most sensitive information unencrypted, open to anyone who might manage to gain access to their system. If that isn't concerning to you, it likely should be. There is always a chance that something will go wrong, no matter how seriously you take your security and privacy.
Maybe you misplace a laptop containing a ton of personal or private photographs. Maybe a criminal manages to exfiltrate sensitive work documents you've stored on your computer.
The simple idea that someone could be snooping on your files at all should be disturbing to you - and that's where encryption comes in.
What is file encryption, exactly?
Given that we've covered encryption at least once before in our discussion of ransomware (opens in new tab), you may have a somewhat dim opinion of encryption. After all, it seems that more often than not, the topic of file encryption comes up in the same breath as cyber-crime. Thing is, ransomware is an example of someone maliciously using a tool which, in the right hands, can actually go a long way towards protecting your data when it's at-rest (not being actively transferred between systems).
In the context of our current discussion, you might think of encryption similarly to storing important physical documents in a safe. Anyone who doesn't have the key or combination won't be able to get to those documents. How it works, is at least on the surface, fairly simple.
The assets being encrypted are locked behind a sort of code, known as an encryption algorithm. This algorithm then has a unique key assigned to it. In the case of encryption for at-rest data, that key is protected by a password or pin.
This can be applied to individual files, groups of files, or even entire drives. And while encryption can feasibly be broken, it's not something that happens often. Generally speaking, provided your algorithm follows either the Advanced Encryption Standard (AES) or uses Rivest-Shamir-Adleman (RSA), you should be in the clear.
Why does encryption matter, exactly?
Most people have at least a few personal files on their computer they'd rather not be subjected to prying eyes. Encrypting that helps keep that data private, locking it away from anyone who doesn't have the passcode. It isn't just a matter of privacy, either.
If you're like most people, the files on your PC likely contain a wealth of data about who you are, from personal photos to personally-identifiable information. Information that could, in the wrong hands, be used to commit fraud or identity theft. Granted, hackers are likely to look elsewhere first for this data, but it's nevertheless important to cover all your bases.
There's also the matter of business data. More people than ever are now working from home on a regular basis, a trend that is likely to continue for the foreseeable future. Much of the time, this involves using security solutions such as remote desktop protocols and virtual private networks (though not everyone uses these securely (opens in new tab)).
However, in many cases, you're going to be regularly downloading and working with sensitive files from your home desktop. This is doubly true if you're an entrepreneur or an independent contractor. It is your responsibility to ensure that these files are kept safe and that they do not fall into the wrong hands.
Encryption, when coupled with other best practices, enables you to do exactly that. Depending on your industry, you may even be required to use it.
Best practices for encrypting your data
Your first step before encrypting your data should be to create at least two unencrypted backups. That way, if you mess up and end up forgetting your password or pin, you aren't permanently locked out of your data. You can either use an external hard drive or an online backup service for this.
Next, you should think carefully about what you want to encrypt. You don't need to lock everything down, after all. Stuff like creative work, corporate files, personal photos, and anything else that contains sensitive information should have additional protections assigned to it.
Anything else is probably fine.
Once you've figured out what you want to lock down, your next step is to choose an encryption method. The good news is that Windows 10 actually has built-in full disc encryption via Bitlocker. To enable and configure it, do the following.
Here's where Bitdefender Total Security 2020 comes in (opens in new tab). It's got a built-in password manager, allowing you to easily keep track of whatever passcodes you've assigned to your drives, ensuring you won't get locked out of anything you've encrypted. This is in addition to Bitdefender's other functionality, which includes automated, built-in backups, advanced malware and ransomware protection, and the ability to prevent unauthorized changes or access to your most critical files.
If you have more than one system you need to protect, you can also purchase the Bitdefender Family Pack (opens in new tab), which allows you to install Bitdefender Total Security 2020 on up to 15 devices.
Oft-neglected, file encryption is every bit as important to your privacy and security as anything else. Combined with a bit of mindfulness, strong passwords, and the right security software, it's critical to keeping both yourself and your data safe.
Much of our series thus far has focused largely on digital threats such as malware, ransomware, and fraud. But these aren't the only things you'll face online, and not every digital inconvenience is necessarily as dangerous to you as a virus. Next time, we'll take a look at one of the most egregious problems on the web - spam.