Full-Disk Encryption (FDE) is the encryption of all data on a disk drive. It’s often done by disk encryption software installed on the hard drive during manufacturing. Users who operate Macs have ‘FileVault‘ for their disk encryption tool where Windows users have ‘BitLocker‘. FDE changes all data into a sequence that’s only understood by the one who has the key to decrypt the encrypted data. An authentication key is used to reverse conversion and make the data readable.
FDE helps prevent unauthorized drive and data access, improving the security of that entire device. Encrypting the entire device helps ensure all data on the device is secure, not just selected files and folders. Since encryption and decryption are done as needed, the end-user doesn’t need to remember to encrypt specific files, It happens automatically.
What does this mean for an SMB?
One of the actions that must be taken by businesses with confidential and sensitive data stored on laptops and workstations is Full-Disk Encryption. The encrypting of a device’s data can help improve the security of those devices, potentially reducing harm if a hacker was to gain access to that device.
An alternative to FDE is to store critical and sensitive files on centrally located File Servers that are encrypted in this fashion. This has the added advantage of providing a centralized place for backups, monitoring, and file permissions. Those are all valuable measures to protect and safeguard your data.
In addition to encrypting your disk, CyberHoot recommends the following best practices to protect individuals and businesses against, and limit damages from, online cyber attacks:
- Adopt two-factor authentication on all critical Internet-accessible services
- Adopt a password manager for better personal/work password hygiene
- Require 14+ character Passwords in your Governance Policies
- Follow a 3-2-1 backup method for all critical and sensitive data
- Train employees to spot and avoid email-based phishing attacks
- Check that employees can spot and avoid phishing emails by testing them
- Document and test Business Continuity Disaster Recovery (BCDR) plans
- Perform a risk assessment every two to three years
Start building your robust, defense-in-depth cybersecurity plan today with CyberHoot.
To learn more about FDE, watch this short 5-minute video:
CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like:
- Cybrary (Cyber Library)
- Press Releases
- Instructional Videos (HowTo) – very helpful for our SuperUsers!
Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.