BND Hamburger Icon

Menu

Close
BND Logo
Search Icon
Advertising Disclosure
Close
Advertising Disclosure

Business News Daily provides resources, advice and product reviews to drive business growth. Our mission is to equip business owners with the knowledge and confidence to make informed decisions. As part of that, we recommend products and services for their success.

We collaborate with business-to-business vendors, connecting them with potential buyers. In some cases, we earn commissions when sales are made through our referrals. These financial relationships support our content but do not dictate our recommendations. Our editorial team independently evaluates products based on thousands of hours of research. We are committed to providing trustworthy advice for businesses. Learn more about our full process and see who our partners are here.

A Small Business Guide to Computer Encryption

Learn exactly what computer encryption is, how to use it and why it could save your company

author image
Written by: Andreas Rivera, Senior WriterUpdated Apr 11, 2024
Sandra Mardenfeld,Senior Editor
Business News Daily earns compensation from some listed companies. Editorial Guidelines.
Table Of Contents Icon

Table of Contents

Open row

It’s easy to take data security for granted. We’ve all left desktop computers logged in while unattended, momentarily misplaced mobile devices or sent sensitive files via email.

However, the internet is alive with bad actors ready to steal our devices and plunder their data for nefarious purposes. If a business can’t prove it’s taken all practical steps to protect that data, it may be subject to punitive fines and punishments if it falls into the wrong hands. 

One of the best ways to keep sensitive data safe (especially while in transit) is to encrypt it. However, many small business owners don’t understand how straightforward encryption can be and how critical it is to operations.

What is encryption?

Encryption can be a challenging concept to grasp, but it’s a critical aspect of protecting your business’s sensitive data. At a basic level, encryption is the process of scrambling text (called ciphertext) to render it unreadable to unauthorized users. This underlying principle has been in use for around 4,000 years. However, in recent decades, data security software has elevated encryption into an art form capable of defying even concerted attempts at unauthorized viewing.

You can encrypt individual files, folders, volumes or entire disks within a computer, as well as USB flash drives and files stored using cloud computing technology.

Types of computer encryption

There are several types of computer encryption:

  • Individual file and folder encryption: This method encrypts only the specific items you designate. It’s an acceptable encryption method if relatively few business documents are stored on a computer. It’s certainly better than no encryption at all.
  • Volume encryption: This encryption method creates a “container” that’s fully encrypted. All files and folders created in or saved to that container are encrypted.
  • Full-disk or whole-disk encryption: This method is the most complete form of computer encryption. It’s transparent to users and doesn’t require them to save files to a special place on the disk. All files, folders and volumes are encrypted. When powering on your computer, you must provide an encryption passcode or have the computer read an encryption key (a random string of letters and numbers) from a USB device. This action unlocks the files so you can use them normally.
Did You Know?Did you know
Encryption can help you avoid network security threats by ensuring your data's integrity and authenticity.

Encryption 101: How does it work?

Encryption is a digital form of cryptography that uses mathematical algorithms to scramble messages, leaving only individuals who possess the sender’s cipher or key able to decode the message.

There are two main methods of encryption: symmetric encryption, which involves securing data with a single private key and asymmetric encryption, which uses a combination of multiple public and private keys. Here’s how these methods work.

1. Symmetric encryption

The most common form of symmetric encryption is the Advanced Encryption Standard (AES), the U.S. government standard for encryption. Data in hexadecimal form is scrambled multiple times and utilizes 128-bit, 192-bit or 256-bit keys (the strongest) to unlock. Keys can be substituted with strong passwords, which become the only direct way to decrypt the data.

This method is best for encrypting files and drives. The only weak spot is the password, which hackers can break if it’s weak. However, they’re unlikely to strong-arm their way into encrypted data. Although 128-bit AES is a strong encryption key, most government regulations require the more robust 256-bit AES to meet certain standards.

2. Asymmetric encryption

Asymmetric encryption is used to send secure messages and other data between two individuals. On messaging platforms, such as most email services, all users have public and private keys.

The public key acts as a type of address and method for the sender to encrypt their message. That message is further encrypted with the sender’s private key. The receiver can then use the sender’s public key to verify the message sender and decrypt the message with their private key. A hacker who intercepts the message will be unable to view its contents without the receiver’s private key.

Key TakeawayKey takeaway
Encryption protects computer files and disks from unauthorized access, even on powered-down devices. This is crucial because many cyberattacks stem from poor access management.

Why is encryption important?

Robust encryption practices are crucial for businesses of all sizes for the following reasons: 

  • Encryption can protect your business from data breaches: As high-profile cyberattacks have demonstrated, every business is at risk of a security breach. File and disk encryption protects the data stored on computers and networks and can save your business from a high-level attack that could shut it down permanently. 
  • Encryption protects your customers: Businesses collect data from their customers for myriad purposes, including refining marketing strategies and personalizing sales outreach. The personally identifiable information (PII) businesses collect, such as names, birthdates, Social Security numbers and financial information, must be secured to protect your customers’ interests ― and your reputation. 
  • Encryption builds customer trust: With massive amounts of PII collected, consumers must place enormous trust in the businesses they deal with. However, cyberattack news is almost a daily occurrence and consumer confidence is understandably shaky. Businesses must demonstrate PII-handling best practices, including robust encryption measures, to earn and keep consumer confidence. 
  • Encryption protects mobile devices: In an age of remote work and frequent business travel, laptops and mobile devices often contain valuable company and consumer data. If a laptop is stolen, vast amounts of proprietary, sensitive information can be stolen along with it. Passwords aren’t enough ― thieves can boot the computer from a USB thumb drive and access all disks. Encrypting a laptop’s sensitive information ― if not the entire drive ― is critical. 
  • Encryption protects your business from fines and lawsuits: An organization can be sued if a computer containing PII is stolen and the information is leaked or shared. Encryption helps ensure the safety of critical, sensitive information and helps businesses avoid devastating financial and reputational consequences. 

Encryption isn’t a fail-safe

While encryption is crucial for all the above reasons and more, it’s important to note that it isn’t a fail-safe solution. Hackers can still access devices over an insecure network connection. There’s also the risk of users clicking a malicious link in an email and infecting their computer with malware that steals usernames and passwords. These attacks require additional security controls, including antivirus software, firewalls, user access controls and awareness training. 

TipTip
If your business must recover from a data breach, start by removing access to all infected devices and backing up critical information. Then, retain a forensics expert to assess the damage and consult a lawyer for advice on notifying customers and insurance.

How small businesses can encrypt data easily

Fortunately, straightforward business encryption solutions can help organizations secure their data. Consider the following encryption tools.

Built-in encryption programs

Robust encryption is built into modern Windows and macOS operating systems and Linux encryption solutions also exist.

Windows

Microsoft BitLocker is a disk encryption tool available on Windows 11, Windows 10, Windows Server 2022, Windows Server 2019 and Windows Server 2016. It’s designed to work with a Trusted Platform Module chip in your computer, which stores your disk encryption key. You can enable BitLocker without the chip, but a few settings must be configured within the operating system (OS), requiring administrative privileges.

To enable BitLocker, open Windows Explorer or File Explorer and right-click on Drive C. If your version of Windows supports BitLocker, the menu will display a “Turn on BitLocker” option. Click it to enable the program.

When you enable BitLocker, Microsoft prompts you to save a copy of your recovery key. This is a crucial step because you need the recovery key to unlock your disk. Without the key, neither you nor anyone else can access the data. You can print the key or save it to your Microsoft account or a file. BitLocker also lets you require a personal identification number at startup.

macOS

Apple FileVault provides encryption for computers running macOS versions from High Sierra and up. When enabling encryption, FileVault prompts you to store the disk encryption recovery key in your iCloud account, but you can write it down instead.

Linux

For Linux, you typically encrypt the disk during installation of the OS using a tool, such as dm-crypt. However, third-party tools are also available for post-installation encryption.

Third-party encryption programs

The following open-source products are well-regarded: 

  • VeraCrypt: VeraCrypt is free software that runs on Windows, macOS and Linux. It frequently gets high ratings from users and third-party testers.
  • AxCrypt: AxCrypt is an easy-to-use encryption program with free and premium versions. It has a password manager and collaboration feature for sharing encrypted data.
  • Gpg4win: Gpg4win uses military-grade security to encrypt and sign files and emails digitally.

Other encryption considerations include the following: 

  • USB drive encryption: USB drives should also be encrypted because when you copy files from an encrypted disk to a USB drive, the files can be decrypted automatically. To ensure files on a USB device are encrypted, use software like Microsoft BitLocker To Go or open-source software or purchase USB drives with built-in encryption, such as those from IronKey, SanDisk and Kanguru.
TipTip
Many data security software vendors, such as Symantec, Kaspersky, Sophos and ESET, include encryption in their security suites or sell it as a stand-alone product.

How much does encrypting data cost?

According to the Ponemon Institute, the average cost of full-disk computer data encryption is $235. This is quite affordable, given that data breach costs can be devastating. Of course, encryption will prove more costly if you lose your key and thus your access, so always keep track of your key.

Best practices for computer encryption

The benefits of encrypting data far outweigh any incurred financial or time costs. Here are some encryption-related cybersecurity tips to help you ensure robust encryption protection. 

1. Create and maintain backups.

Before enabling encryption on your computer, back up your data files and create an image backup, which is a replica of all your disk contents. You should also ensure you have the OS’s installation media and create an emergency boot disk on removable media.

Going forward, back up your computer regularly. An encrypted disk that crashes or becomes corrupt can result in files being lost forever. If you have a current backup, you can be up and running fairly quickly.

2. Use complex passwords.

Strong passwords are crucial. Consider the following tips when creating a passcode or PIN:

  • Use random numbers and letters and memorize them. The longer and more complex your password, the better. However, you must be able to remember it.
  • Consider putting two phrases together, like short verses from two songs you like.
  • Use only the first letter of each word and substitute some characters, such as a zero for an O and a 3 or a pound sign for an E.
  • Use mixed capitalization.

Keep a written copy of your PIN or passcode and your encryption key (if separate) in a safe place in case you forget them. If you enable full-disk encryption and forget your passcode, you won’t be able to access your computer ― and neither can anyone else, including data recovery services.

3. Boost Wi-Fi protection.

If you use Wi-Fi, use Wi-Fi Protected Access 3, which is a form of encryption for protecting wireless connections. Don’t use Wired Equivalent Privacy, which isn’t safe under any circumstances. 

4. Install a virtual private network (VPN)

Finally, install a VPN to access the office network from a laptop or another mobile device when working remotely. A VPN creates a secure tunnel over the internet, encrypting all data you send and receive during that session.

TipTip
Other remote cybersecurity tips include enabling multifactor authentication, being vigilant about phishing emails and updating all elements of your network security.

Encryption protects your business and customers

Computer encryption is a crucial element of small business cybersecurity best practices for protecting computers and confidential data. It’s a necessary security control for organizations that handle confidential data and should be enabled on any device that could fall into the wrong hands. With potentially massive cyberattack costs at stake if confidential information is stolen or mislaid, your business’s future could depend on effective encryption.

Neil Cumins contributed to this article.

Did you find this content helpful?
Verified CheckThank you for your feedback!
author image
Written by: Andreas Rivera, Senior Writer
Andreas Rivera is a multimedia wiz who has spent years testing and analyzing the latest B2B software solutions and services. He engages with top programs and tools to determine the best products for businesses across a range of sectors. He also recommends the best practices and strategies for specific business areas. At Business News Daily, Rivera primarily covers business technology, including e-commerce platforms, collaboration tools, cloud computing and mobile device management. Rivera has a firm understanding of what small business owners need thanks to the time he's spent interviewing countless entrepreneurs and industry experts. He also has hands-on experience in customer acquisition, marketing, PR and thought leadership. He earned a bachelor's in communication and journalism from the University of Utah.
Back to top
Desktop background imageMobile background image
In partnership with BDCBND presents the b. newsletter:

Building Better Businesses

Insights on business strategy and culture, right to your inbox.
Part of the business.com network.