Full Disk Encryption: Do We Need It?
Companies should consider implementing full disk encryption alongside other encryption methods on mobile devices.
Let’s be honest for a moment: when it comes to cyber security habits, companies aren’t typically interested in investing the proper time, resources and infrastructure changes necessary to properly secure their systems and networks for the sole purpose of good security posture. There are two major factors that motivate companies to follow good cyber security habits: laws or mandatory regulations and the fear of becoming the next major breach to explode across news headlines which could result in the loss of finances and company reputation. Conversely, as security professionals, it is our job (and hopefully our passion) to introduce new technologies, methods, policies and procedures that will help the company achieve a better security posture. It’s time that companies consider implementing full disk encryption alongside other encryption methods on their mobile devices.
Full disk encryption is a cryptographic method that applies encryption to the entire hard drive including data, files, the operating system and software programs. This form of encryption is comparable to the protection of your home. Just as locking all exterior entrances is an efficient way of ensuring that no unwanted visitors enter the interior living spaces of your home, full disk encryption places an exterior guard on the internal contents of the device. Unlike past iterations of full disk encryption, the process to encrypt hard drives has become quite simple and is supported by all the major vendors. For example, Apple offers built-in encryption for both the mobile IOS and the desktop OS X systems, Microsoft Windows offers its own native encryption software through BitLocker, and Android also supports encryption out of the box. However, because BitLocker is only available for higher-end versions of Windows, lower-tiered versions of Windows can utilize third-party encryption programs such as VeraCrypt.