in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Why Laptop Encryption Beats File Encryption When It Comes To Data Security

Of course, it doesn’t mean that you can’t use both (or that using both is not recommended).  But encrypting an entire laptop’s hard drive holds an ace over individual file encryption: convenient, one-stop security.

 

Once a computer’s entire disk is encrypted, the only thing the end user has to do is remember the username and password required to access the laptop.   This process is identical to typing the username and password in order to gain access into Windows, if the login prompt is set up.  But unlike the Windows prompt, encryption provides security, whereas the Windows prompt just provides the sense of security.  You can think of encryption as a Jumble word puzzle with a shot of testosterone (strong enough that even the US Government uses it to safeguard their own documents if they decide to use encryption, which is not as often as you’d think, based on the news), whereas the ordinary Windows username and password is the gray, silver layer on instant-win lottery tickets that is easily scratched off with your fingernail.  The latter does the job of hiding information admirably, but nobody in the world would claim it to be “secure.”  Would you trust your bank account information on such a gimmick?

 

So why encrypt the entire disk over encrypting individual files?  In the old days, encrypting an entire disk had its downsides: there was a performance hit, for example, and you’d notice that you computer was slower overall.  In those same old days, though, a computer weighed over thirty pounds, including the CRT monitor with burnt-in screen, keyboard, mouse, and CPU and it’s chassis.  Things have changed as technology has progressed, and whole-disk encryption is a completely transparent addition to any computer, be it a desktop or a laptop (or a smartphone, for that matter).  Well, it is if you’re using AlertBoot.  And “transparent” in this case means that the user doesn’t notice it at all: when it gets installed; when it’s encrypting; when the computer is fully protected.  We can thank advances in computer speed for that, and of course, advances in computer technology.

 

However, advances in technology have also brought forth problems as well.  When computers operate, they use swap files, temporary files, browser cookies.  Users decide to save information on a temporary basis, but forget to delete them afterwards.  Files may be deleted, but are easily recovered with the correct—and easily affordable—software.  If one were to use file encryption, and encrypt files one by one, that person might give up because there would be many different files to encrypt.  It especially becomes problematic if a person has to hunt down files that are created automatically, such as temporary files that may contain sensitive information.  Instead of creating a complex set of policies to ensure that all bases are covered, whole-disk encryption would be a simpler—and due to its simplicity, a more effective—solution.

 

Plus, if and when a computer gets lost, stolen, or misplaced, the aftermath is easier to deal with.  The public is alerted that a laptop that was encrypted was lost.  That’s it.  In fact, under the celebrated (to a degree, by consumer and privacy advocates) California laws concerning data breaches, encrypted devices that are stolen do not require a public announcement.  And, the time not spent on PR efforts can be spent on finding ways to prevent a replication of whatever scenario let to potential data breach in the first place.

 

However, with file encryption, there would always be the question of “well, did our complex set of encryption policies provide the protection for the correct files?”  And that question is hard to answer; it will require a lot of manpower to find the answer to that one, with IT personnel going through backups and audit reports.  And while waiting for the results, there will be a lot of speculation, recrimination, finger‑pointing, and other public issues that the affected company will have to deal with.

 
<Previous Next>

Tomorrow Is Computer Security Day. Change Your Passwords To Enhance Your Laptop Protection

The Eight Myths Of Data Encryption: Laptop Security Is More Attainable Than You Think

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.