Encrypt Your PC, Phone, and Tablet Now. You’ll Regret It Later If You Don’t

Imagine you go on your dream vacation and all your things are stolen after your hotel room is burgled or your car is broken into. Clothes and toothbrushes are easy to replace, but your devices are a potential treasure trove for thieves to exploit.
Unfortunately, this story is all too real–in fact, it happened to one of my friends just last month.


The problem is that anything on your devices that is private or potentially sensitive. You may not save your bank statements and world domination plans on your computer, but do you save your passwords in your browser? Do you stay logged into your email? Do you have access to anything work-related at all? That kind of stuff can lead thieves right into your life. Even if your user account has a password, it’s trivial to get past that if your device isn’t encrypted.
If your device is encrypted, however, almost no one will be able to access the data within–as long as you have a good password or screen lock, and your device wasn’t confiscated by the FBI.
So if you haven’t done so, take some time today to encrypt all your devices–your laptop, your phone, your tablet, and anything else you may have. It’s quick and easy, and you’ll be much safer if the worst happens. You never think you’ll need these things until it’s too late. (Before you encrypt, though, make sure you’ve backed up your computer–if you forget your password or your drive fails, you will not be able to access your data, so backups are doubly important when you encrypt!)

Windows

A lot of Windows 10 PCs (particularly tablets and hybrids) now ship with encryption enabled by default. To check and see if yours has encryption already running, go into the Settings and click System > About. From there, you can turn Drive Encryption on if your device supports it.

If you don’t see anything related to Device Encryption, then your device may not support it. However, if you have Windows 7, 8 or 10 pro or above, you can still encrypt your computer using the built-in BitLocker tool, which has been part of Windows for quite some time. (Yes, it’s confusing, Windows has two different built-in encryption options.)
If you only have the Home edition of Windows, and don’t have access to Drive Encryption or BitLocker, you can use third-party software like VeraCrypt to encrypt your drive. Also, on Windows 7, we should note that BitLocker only comes with the Ultimate and Enterprise versions.

To enable BitLocker, go into the Control Panel and click on “BitLocker Drive Encryption”.

If BitLocker is turned off, then there will be a link that says “Turn on Bitlocker” next to your drive(s). At the very least, you want to encrypt your system drive, which is usually the C: drive on most Windows computers. If you’re using a laptop, then chances are you only have one hard drive to worry about anyway.
Encryption isn’t normally enabled by default on Windows 7 or 8.1. If you use a Windows laptop, then it’s a really good idea to make sure it is.

OS X

All Macs come with FileVault, Apple’s built-in encryption. It is not, however, enabled by default. To enable it, open the System Preferences and click on “Security & Privacy”, then open the FileVault tab.

FileVault is turned on for this laptop, so we don’t need to enable it.

You will have to click on the lock icon in the lower-left corner to make further changes. If FileVault is not enabled, then click the button that say’s “Turn on FileVault” and then follow any further prompts to start the encryption process.
FileVault doesn’t add much in terms of system overhead, and the peace you gain from knowing your files are protected is invaluable. We think everyone should turn this on.

iPad and iPhone

iPads and iPhones are good about encrypting by default. In fact, the chance that your device isn’t encrypted is probably pretty small, especially if you’re using a passcode. Data encryption on iOS is tied to your passcode, so make sure you pick a number that is hard to guess and that you use a stronger 6-digit passcode versus a weaker 4-digit one.

This diagram from Apple’s iOS security guide gives a simple overview of how encryption on iOS works and how essential the passcode (outlined in red) is to protecting your device from prying eyes.

You can also use an arbitrary length alphanumeric key. Again, if you use this type of passcode, make sure it is hard to guess.
If you are still using a 4-digit passcode, then you can set a stronger one by opening the Settings on your device, then tapping open “Touch ID & Passcode” and then “Change Passcode”.

You will first need to enter you old 4-digit passcode and then enter your new passcode and then do it again to confirm. If you want to use an alphanumeric key, then tap “Passcode Options”.

If you want to fully verify that your device is encrypted, scroll to the bottom of the Touch & Passcode settings and check to see if it says “Data protection is enabled”.

As we said, the days of unencrypted iOS devices are a dwindling memory. When you now set up any new iPad or iPhone, it will be automatically encrypted.

Android

Android, on the other hand, typically still requires you to manually set up encryption on your phone or tablet. Some newer devices come with encryption enabled by default, but many don’t–thankfully, it’s easy to do.
On the majority of Android devices, you simply need to open the Settings and tap “Security”. In the Security options you’ll see the encrypt option.

Encrypting your phone, tablet, laptop, or desktop computer isn’t just good from a security standpoint, it’s virtually required if you travel or work on the road.
No matter how careful you are, you just can’t guarantee you won’t lose your device at the hands of thieves or a momentary memory lapse.
That said, if you do decide to encrypt your phone, remember that it won’t make a bit of difference if it has a weak password or screen lock. So, be sure to take the time to strengthen the security of your device in that way as well.

By Matt Klein