Full-Disk Encryption (FDE)

6th July 2021 | Cybrary

Full-Disk Encryption (FDE) is the encryption of all data on a disk drive. It’s often done by disk encryption software installed on the hard drive during manufacturing. Users who operate Macs have ‘FileVault‘ for their disk encryption tool where Windows users have ‘BitLocker‘. FDE changes all data into a sequence that’s only understood by the one who has the key to decrypt the encrypted data. An authentication key is used to reverse conversion and make the data readable.

FDE helps prevent unauthorized drive and data access, improving the security of that entire device. Encrypting the entire device helps ensure all data on the device is secure, not just selected files and folders. Since encryption and decryption are done as needed, the end-user doesn’t need to remember to encrypt specific files, It happens automatically.

What does this mean for an SMB?

One of the actions that must be taken by businesses with confidential and sensitive data stored on laptops and workstations is Full-Disk Encryption. The encrypting of a device’s data can help improve the security of those devices, potentially reducing harm if a hacker was to gain access to that device.

An alternative to FDE is to store critical and sensitive files on centrally located File Servers that are encrypted in this fashion. This has the added advantage of providing a centralized place for backups, monitoring, and file permissions. Those are all valuable measures to protect and safeguard your data.

In addition to encrypting your disk, CyberHoot recommends the following best practices to protect individuals and businesses against, and limit damages from, online cyber attacks:

Adopt two-factor authentication on all critical Internet-accessible services
Adopt a password manager for better personal/work password hygiene
Require 14+ character Passwords in your Governance Policies
Follow a 3-2-1 backup method for all critical and sensitive data
Train employees to spot and avoid email-based phishing attacks
Check that employees can spot and avoid phishing emails by testing them
Document and test Business Continuity Disaster Recovery (BCDR) plans
Perform a risk assessment every two to three years

Start building your robust, defense-in-depth cybersecurity plan today with CyberHoot.

To learn more about FDE, watch this short 5-minute video:

Sources:

NIST Glossary

Techopedia

Study

Additional Reading:

Demystifying SSD Security

Encryption Use Cases, Benefits, Alternatives

Related Terms:

Encryption

Quarantine

CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like:

Blog
Cybrary (Cyber Library)
Infographics
Newsletters
Press Releases
Instructional Videos (HowTo) – very helpful for our SuperUsers!

Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.