Even if you normally protect your user account with a decent password, that doesn\u2019t truly protect your data if someone decides to swipe your device. For many computers, the drive can simply be removed and plugged into another system, or the computer can be booted from an external drive and the data can be copied to that drive. Android phones and tablets can be booted into recovery mode and many of the files on the user partition can be accessed with freely available debug tools. And even if you totally wipe your drive, disk recovery software may still be able to read old files.<\/p>\n
Encrypting your local storage makes all of that much more difficult, if not impossible. Anyone trying to access your data will need a key to actually mount the drive or read anything off of it, and if you wipe the drive the leftover data that can be read by that file recovery software will still be encrypted even if the new data on the drive isn\u2019t.<\/p>\n
There are a few downsides. If you yourself lose the key or if your drive becomes corrupted, for example, it might be more difficult or impossible to recover data. It can slow down performance, especially for devices with processors that don\u2019t provide hardware acceleration for encrypting and decrypting data. But, by and large, the benefits outweigh the drawbacks, and the slowdown for modern devices should be tolerable-to-unnoticeable.<\/p>\n
iOS: Don\u2019t worry about it<\/strong><\/p>\n As of iOS 8, as long as you set a passcode, your personal data gets encrypted. Apple\u2019s security whitepaper (PDF) for iOS 8.3 and later specifically says that \u201ckey system apps, such as Messages, Mail, Calendar, Contacts, Photos, and Health data values use Data Protection by default, and third-party apps installed on iOS 7 or later receive this protection automatically.\u201d<\/p>\n The company also claims that every current iDevice features \u201ca dedicated AES 256 crypto engine built into the DMA path between the flash storage and main system memory,\u201d which ought to limit the impact of this encryption on system speed.<\/p>\n OS X: FileVault<\/strong><\/p>\n Starting with OS X 10.7 (Lion) in 2011, Apple began supporting full-disk encryption with FileVault 2. In more recent OS X versions, some Macs even offer to encrypt your storage as part of the first-boot setup process, though it\u2019s not the default as it is in iOS.<\/p>\n To encrypt your drive after the fact, go to the Security & Privacy pane in System Preferences, and select the FileVault tab. Click Turn On FileVault and you\u2019ll be offered a pair of options: store the key used to unlock your disk somewhere yourself, or choose to store it in your iCloud account. A local recovery key keeps that key off of another company\u2019s servers, but leaves you without recourse if you lose it and you\u2019re locked out of your system. If you do store your key in iCloud (or even if you don\u2019t, for that matter), we strongly recommend enabling two-factor authentication for your Apple ID.<\/p>\n Encrypting your disk doesn\u2019t drastically change the way that OS X works\u2014you just need to put your account password in to unlock the disk before the operating system boots instead of afterward. You\u2019ll also need to specify which local users\u2019 logins can decrypt the disk. Otherwise, just the account that enabled FileVault will be able to turn the machine on. If you ever need to decrypt your Mac, it\u2019s pretty easy if you can log in to the computer or if you have the key available.<\/p>\n Generally speaking, performance for encrypted devices declines less for newer Macs with hardware acceleration\u2014most Core i5s and i7s can do it, but Core 2 Duo Macs cannot.<\/p>\n Android<\/strong><\/p>\n Despite past promises, new Android devices still aren\u2019t being encrypted by default. Default encryption is an option for OEMs, but outside of Google\u2019s Nexus devices few if any companies are choosing to enable the feature on their phones.<\/p>\n You can still encrypt any relatively modern version of Android pretty easily\u2014these specific steps work for Nexus devices or anything running near-stock Android, but the process should be similar if your phone is using a skin.<\/p>\n Open the Settings app, go to Security, and then tap \u201cencrypt phone\u201d to get the process started. Your phone may ask you to plug it in or charge the battery to a specific level before it will give you the option to encrypt, mostly because interrupting this process at any point is likely to completely corrupt your data partition. You\u2019ll need to protect your phone with some kind of PIN or pattern or password if you haven\u2019t already, and as in OS X your phone will probably require it before the operating system will boot.<\/p>\n To confirm that your phone was encrypted, go to Settings and then Security and look for a small \u201cEncrypted\u201d badge under the \u201cEncrypt phone\u201d menu item. If your phone already says it\u2019s encrypted, you may have one of the new post-Lollipop phones that came with encryption enabled out of the box.<\/p>\n Depending on your phone, encrypting your Android phone or tablet can significantly impact performance. This is the worst for older or slower devices, which can use slower flash memory and filesystems and lack hardware encryption acceleration. The experience is better on newer phones with 64-bit ARMv8 processors and higher-end, faster storage.<\/p>\n Additionally, if you need to decrypt the device later on, there\u2019s no way to do it without wiping and resetting the phone. If your phone came encrypted out of the box, though, there\u2019s no way to decrypt the device without making more extensive software modifications.<\/p>\n Finally, in Android Marshmallow, the Android phones that include external storage are able to encrypt and protect the data on those cards as well as on internal storage.<\/p>\n","protected":false},"excerpt":{"rendered":" The worst thing about having a phone or laptop stolen isn\u2019t necessarily the loss of the physical object itself, though there\u2019s no question that that part sucks. It\u2019s the amount of damage control you have to do afterward. Calling your phone company to get SIMs deactivated, changing all of your account passwords, and maybe even … Continue reading Phone and laptop encryption guide: Protect your stuff and yourself<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[193,198,199],"class_list":["post-486","post","type-post","status-publish","format-standard","hentry","category-software-updates","tag-ios","tag-laptop-encryption","tag-phone-encryption"],"_links":{"self":[{"href":"https:\/\/www.dogoodsoft.com\/blog\/wp-json\/wp\/v2\/posts\/486","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dogoodsoft.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dogoodsoft.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dogoodsoft.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dogoodsoft.com\/blog\/wp-json\/wp\/v2\/comments?post=486"}],"version-history":[{"count":1,"href":"https:\/\/www.dogoodsoft.com\/blog\/wp-json\/wp\/v2\/posts\/486\/revisions"}],"predecessor-version":[{"id":498,"href":"https:\/\/www.dogoodsoft.com\/blog\/wp-json\/wp\/v2\/posts\/486\/revisions\/498"}],"wp:attachment":[{"href":"https:\/\/www.dogoodsoft.com\/blog\/wp-json\/wp\/v2\/media?parent=486"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dogoodsoft.com\/blog\/wp-json\/wp\/v2\/categories?post=486"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dogoodsoft.com\/blog\/wp-json\/wp\/v2\/tags?post=486"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"Phone](\"https:\/\/www.dogoodsoft.com\/blog\/wp-content\/uploads\/2015\/08\/Snap9.jpg\")
<\/a><\/p>\n<\/p>\n