Stolen Laptop? Think Encryption

When your laptop is lost or stolen, you aren’t just out $800 (or more). Your personal information is also accessible to whoever takes it, even if you have a password.

“Unfortunately, a typical password-protected user account does nothing to protect your data,” says Dennis Stewart, a security engineer at CipherTechs. “While the password will prevent someone else from logging into your computer, an attacker can still use other methods to copy files off.” If thieves remove the hard drive and put it into another computer, they have access to any files you have stored on it. In some cases, they can even reset the password on your PC and gain access to your email, passwords and other personal information.

Thankfully, you can protect your data against both of these types of attacks with encryption. “Encryption is a mathematical process used to jumble up data. If important files or whole devices are encrypted, there is no way to make sense of them without the key,” Mr. Stewart said. That means if thieves try to access your information, they’ll find only a jumbled mess unless they have your password, and they won’t be able to simply reset that password if the device is encrypted.

Encrypting your hard drive isn’t some super-technical process that only security experts can perform, either — anyone can do it on his or her computer at home, and it should take only a few minutes to get up and running.

If you have a Windows laptop, you have a few options. Some Windows 10 devices come with encryption turned on by default, and you can check this by going to Settings > System > About and scrolling down to “Device Encryption.” You’ll need to log into Windows with a Microsoft account in order for this feature to work, but if your laptop offers it, it’s an easy and free way to protect your data.

If your laptop doesn’t support Device Encryption, you can use Windows’ other built-in encryption tool: BitLocker. BitLocker is available only on Professional versions of Windows and above (a $99 upgrade for Home edition users), but it’s incredibly easy to set up. Just head to Windows’ Control Panel > System and Security > Manage BitLocker. Select your operating system drive and click the “Turn On BitLocker” button, following the prompts to create a password that will function as your encryption key. Be sure to store your BitLocker key in a safe place — somewhere not on that computer — in case something goes wrong!

If neither of those is an option, a free program called VeraCrypt can encrypt your entire hard drive, requiring your password when you boot your computer. It’s not quite as simple, straightforward and built-in as Windows’ Device Encryption and BitLocker, but if it’s your only option, it’s worth looking into.

Mac laptops are much more straightforward: All modern Macs (since about 2003) have a feature called FileVault that encrypts your entire system drive. Just open your Mac’s System Preferences, head to Security & Privacy and select the FileVault tab. Click the “Turn On FileVault” button to create a password and begin the encryption process. Store your key in a safe place (not on that computer) in case you ever get locked out.

Thankfully, modern iPhones and Android phones will automatically encrypt your data as long as you use a PIN or password, so you need to worry about enabling the feature only on your desktop and laptop computers. If you have an Android phone with an SD card, however, you can enable encryption for the SD card manually from the Lock Screen and Security settings.

There is one catch to encryption: Your password is much, much more important to remember. Data may be protected from intruders, but it’s also impossible for you to access should you forget your password or recovery key. “If a user forgets or loses their key, they’re out of luck,” says Mr. Stewart. “If a bad actor can’t get at your data without the key, you can’t, either.” Some businesses may grant IT departments a master key, but not all do, and this can’t be done retroactively.

So if you’re the type of person who forgets passwords often, it’s incredibly important you write it down — along with the recovery key you were given when you performed the above steps — and keep it in a safe place. Don’t keep it on the computer you encrypted and don’t keep it out in plain sight — put it in a physical safe that only you can access. And no matter what, always keep a good backup of your data, either on another hard drive (which you should also encrypt) or with a cloud service like Backblaze that keeps your data secure.

Whitson Gordon is a writer and editor in San Diego. Follow him on Twitter: @whitsongordon     A version of this article appears in print on March 15, 2018, Section B, Page 6 of the New York edition with the headline: Was Your Laptop Stolen? All Is Not Necessarily Lost.

Be the first to comment

Leave a Reply

Your email address will not be published.


*