Is disk encryption slowing down your computer? | Biden News


Digitally generated image of data

If you forget your password, you are indistinguishable from a hostile intruder and will be treated as such, which means you will be locked out of your encrypted data.

Getty Images

Disk encryption is absolute magic for most non-mathematicians. And like any complex technology, it leads to uncomfortable questions.

Does disk encryption make it less likely that data can be recovered by utilities after a crash? Does disk encryption increase errors and failures? Does encrypting the disk make it difficult to move to a larger boot disk? Just what are the pros and cons for the average computer user in a home or small business without a full-time IT department?

Also: How to encrypt your email and why you should

Make no mistake about it, disk encryption is a powerful security precaution. Using strong disk encryption means that your data is under your control and only your control An unauthorized intruder who is able to gain access to that encrypted data, but doesn’t have proper login credentials (your username and password) or a recovery key, can see what looks like pure gibberish. And brute force techniques are not effective. Even with the assets of the world’s most powerful intelligence agencies, it can take years or even centuries to crack that code and decipher the underlying data.

On computers designed for Windows 10 and Windows 11, the system drive is encrypted by default, but that encryption uses a clear key. The encryption doesn’t protect your data unless you sign in with a Microsoft account that protects the data and also stores a recovery key in OneDrive. On computers running the Pro and Enterprise editions of Windows, you can enable BitLocker Drive Encryption, which is capable of encrypting any drive, including removable drives such as USB flash drives.

Also: This is how fast a ransomware attack encrypts all your files

Modern Macs also offer built-in encryption using a feature called FileVault.

And now the bad news: If you forget the passphrase or password that’s needed to decrypt that data, the encryption software has no way of distinguishing you from a hostile intruder, meaning you’re locked out of your encrypted data.

That’s not a bug, it’s a feature. A backdoor that would allow you to recover your data without the decryption key would also be available to an attacker, rendering the data protection useless.

But that’s the only difference between an encrypted disk and one where the data is stored in clear. If your drive or controller fails, resulting in data corruption, it doesn’t matter if the data is encrypted or not; you will need a backup to recover the damaged files. And on modern hardware, encryption and decryption using the AES standard takes place in the CPU, which means that any impact on data transfer speed is negligible.

That means your biggest challenge is making sure you have access to the backup encryption key for your device, to use only in case of an emergency. On a Mac using Apple’s FileVault encryption, you can store the recovery key in iCloud or locally (follow the instructions in this support article). For devices running Windows 10 or Windows 11, follow the instructions in ZDNET’s BitLocker FAQ.

Also: How to encrypt a folder in MacOS to keep sensitive data from prying eyes

Make sure you store that recovery key in a safe place. If you can provide that key on demand, you have full access to the data on the encrypted drive.


Source link