What would happen if your company data fell into the wrong hands? It’s easier than you might think.
Most security breaches are down to human error. People have long been the weakest link when it comes to data security – and they are especially good at losing digital devices like laptops, tablets and smartphones. The ones they use at work. The ones carrying their employers sensitive data. Your data perhaps?
The laptop left in the pub; the smartphone lost in a taxi. As sure as the sun will rise, someone will lose something. It’s costly, annoying and inconvenient. But that’s nothing compared to the implications for the business. Breaching GDPR, fines, lost intellectual property and not to mention reputational damage.
And don’t think passwords or fingerprint security will offer enough security – the data can still be accessed in the wrong hands.
But it doesn’t have to be this way. Not with Full Disk Encryption.
But what is Full Disk Encryption
Put simply, it protects your data and stops others from reading it. That’s why you need it. It’s quite easy to set up too. You can even work while it’s being installed.
Full Disk Encryption (FDE) works by automatically converting data (all files, the software you use, pictures, videos and all other files stored on your machine) on a hard drive into a form that cannot be read by anyone who doesn’t have the key to ‘undo’ the conversion.
Without a proper authentication key, even if the hard drive is removed and placed in another machine, the data remains inaccessible. If it sounds like a lot of work to install, it’s not. In fact, it comes as standard with all the major vendors – Apple, Microsoft, Android – more on that later.
When you should use it?
We can’t think of a reason not to.
Just ask yourself “If my/my employee’s laptop gets stolen, what corporate data or sensitive files are on it?” If you are fully confident there’s none, great! But if your answer is anything besides “None” – than Full Disk Encryption is definitely for you.
What’s more, if you have personal information on a laptop and you lose it, you need to report this to the Information Commissioners Office (ICO) – this is a GDPR requirement. If you have encrypted it, you don’t.
A survey by tech company Kensington revealed that 86% of IT practitioners report that someone in their organisation has had a laptop lost or stolen, with 56% of them reporting that this resulted in the data breach.
Therefore, if your laptop is used for business purposes – encrypting it will considerably add to your data security.
- Security – access to data and information is only provided after you successfully authenticate by entering your password. Fully encrypted disk makes it much harder for hackers to compromise your stolen/lost device.
- Ease of use – it’s automatic. It happens as soon as the data is stored in the hard drive. You don’t even need to think about it. And you aren’t going to make any errors either.
- Compliance – for several compliance regulations, FDE may be required to pass an audit.
If you have personal information on a laptop and you lose it, you need to report this to the Information Commissioners Office (ICO) – this is a GDPR requirement. If you have encrypted it, you don’t.
If an encrypted drive gets corrupted or crashes all the stored data might get lost permanently. This is why we highly recommend that you regularly backup your machine to the cloud service or an external hard drive.
It’s worth mentioning that If you lose your key (the one you get when you begin encryption) and password – you will lose access to your computer. But if someone else gains access to the key or password, they will able to decrypt your files – so make sure you store it in a safe place.
For our clients, we have a centralised method of storing all of their keys safely and can easily recover those when required.
How to deploy FDE?
The process to encrypt hard drives has now become quite simple and is supported by all the major vendors with step-by-step instruction guides.
For example, Apple offers built-in encryption for OS X systems, Microsoft Windows offers its own native encryption software through BitLocker – but it’s only included into Pro, Enterprise and Ultimate versions and not Home editions, which is what often comes pre-installed on Windows laptops.
At Stellarise we strongly recommend using Windows Pro or Enterprise editions for your business only.
Things to remember
Please make sure you remember these key things when you plan to deploy FDE on your machine/in your team:
- Back up your encryption key and password. We advise it to be saved in at least 2 places, moreover, it’s good if these places are offline for extra security (but not on a post-it sticker on your monitor!).
- After you have fully encrypted your hard drive, we recommend regular backups. We suggest doing so once a week (more often required because of critical files being modified daily, for example).
How Stellarise can help
If you feel that you really can’t take the risk without FDE, then Stellarise can help you deploy it quickly and easily to your entire organisation. Contact us today to discuss your IT security arrangements.
Keep in mind that FDE encryption is only one part of a complete security plan for protecting your business computing devices and confidential data.
Download our Cyber Security brochure to see the full range of security services we offer.