M-209 cryptographic device.

Cybersecurity Basics:
Encrypting Mobile Devices

Consider Encrypting Smart Phones and Tablets

Consider encrypting the storage on phones and tablets. I don't, because I don't use my phone for email and I don't store any sensitive data on it. Yes, I use the KeePassX password manager, but remember that it stores its database in encrypted form.

But if you store any sensitive data on your phone, and this might include pictures (and please don't tell me the details of your pictures you don't want anyone to see), you should encrypt the phone's storage.

Be careful about installing apps. Especially on Android where there is less checking, but people have sneaked in malicious iPhone app activity at times.

And, of course, install all updates for your phone's operating system and your apps.

Maybe Encrypt Your Laptop

Finally, consider your threat environment. What do you store on your laptop? (Don't forget about email messages) And how likely is it that someone will steal your laptop, or otherwise try to access data stored on it?

You might want to encrypt your laptop's disk. However, this makes periodic backup of the plaintext version much more important.

Microsoft has BitLocker, MacOs has FileVault, and Linux supports a variety of disk encryption systems.

Windows 7 Control Panel > System and Security

Notice the BitLocker choice.

Encrypting External Media

Many USB memory sticks and some high-capacity external disks now include encryption software.

The software they include is generally Windows-only. On Windows you may not be able to avoid using it. That's good for very high-security settings, but it's an annoyance at best for the typical home user. On Linux or other operating systems, it's a distraction. A second storage device appears, but you can't use it.

Some of these devices are marketed with silly "Military-Grade" claims that don't really mean anything.

Encryption Can Lead to Loss

Information security professionals talk about CIA, standing for Confidentiality, Integrity, and Availability. The more obvious terms for non-specialists are Secrecy, Accuracy, and Reliability, but those doesn't make for a catchy acronym. And now we reach the last insight for this series of pages:

Confidentiality and availability conflict with each other. The harder you try to keep secrets, the greater your chances of losing access to your own information. And the more backup copies you store in the interest of availability (or reliability), the more likely one of them will get out.

It's another one of those trade-offs. If one is to go up or get better, the other must go down or get worse. Let's say you encrypt your backup copies of your files, or you simply make a backup copy of the entire encrypted disk. You could easily forget or lose the key by the time you finally need to recover and decrypt the data.

The Integrity part can also cause trouble when you're decrypting data. A single bit error within an encrypted file will corrupt the entire result of trying to decrypt it.

Think about the secrets you are trying to maintain. If no one else should ever know it, and if you don't really need it, then don't keep it. Many corporate and government problems are caused by trying and failing to protect sensitive information that shouldn't have been collected in the first place.

Finally: Going further ❯