You keep tons of sensitive data on your devices whether you realize it or not. Sensitive information could include saved emails, chat logs, web history/cookies, business documents, information under NDA, customer data, payment information, financial data, and more. If your device is ever lost and stolen, without encryption, anyone could open up your unlocked device and go through ALL of it. They won’t even need your login password if your device doesn’t have encryption, they can just pop the hard drive into another computer and go to town!
Use full-disk encryption (FDE) on your devices. It is when your device encrypts all the data on it and only decrypts it in real time as you’re using the device. Once you’re not actively using the device (locked, sleeping, shut down, etc), FDE automatically keeps the data encrypted! It’s built into almost all operating systems (OS’s) now and doesn’t reduce the performance of your device in any noticeable way. Most major OS’s are using modern encryption algorithms that are uncrackable by all but large government agencies that would have to specifically target you AND commit a ton of resources. This also means there’s no way to recover the data if you lose your encryption keys or password. In a nutshell, if your device is ever stolen, or you leave it lying around by accident in a cab, the data on it is safe and can’t be read or used maliciously by anyone.
On Windows, use the built-in BitLocker:
On macOS, use the built-in FileVault:
On iOS, enabling a passcode enables encryption automatically:
On Android, you can enable encryption in the settings and make sure to set a device password!
Remember! Make backup codes. Most encryption systems will help you make backup codes. Without these, if you forget your password, you will not be able decrypt your data (which is why ransomware works…)