Is File Encryption as Reliable as Full Disk Encryption?


Data encryption ensures protection of all sensitive data stored on a computer, regardless of whether it is used for a business or an end-user. Two common methods of encryption are file encryption and full disk encryption, each offering various pro and cons.

Both Methods Explained

Hard disk encryption, also called full disk encryption, allows complete protection of a system, including applications, programs and the entire operating system. Swap space and even temporary files are encrypted using such a method, and the main benefit is that owners don’t take chances as to which files/folders to protect. This encryption method is particularly useful against computer theft, in the unfortunate event your laptop finds its way into shady hands.

File encryption, as the name indicates, stops unwarranted access to specific files and folders. Though this method allows for more freedom on the part of the user, it is considerably less reliable than encrypting an entire hard-disk. However, since full-disk encryption can be a burden on resources (i.e. virtual memory) at times it is preferable to only encrypt single files or folders. This is particularly suited to network administrators who have specific knowledge of where sensitive information may be stored.


Full Disk Encryption

Security and Reliability

For file/folder encryption to prove reliable, there must be consistent policies regarding the encrypted data. Endpoint security systems¬†could find the encryption of single files or folders more practical, since encrypting a whole volume will likely be a resource-hog and prove to be unnecessary anyway. For instance, files containing information such as passwords, addresses, social security and similar will be encrypted. Government organizations will find single-file encryption less reliable, since the amount of sensitive information present far exceeds an end-user’s system. This is particularly true for central systems storing vital information.

Despite the fact that modern operating systems, like Windows, Linux and Mac Os, are protected by EFS (Encrypting File System) many business opt for specific encryption products to protect sensitive digital information. These programs provide a number of features in order to render your system or network secure. Some applications use a hybrid cryptosystem, which gives the user the extended security of both symmetric and asymmetric cryptosystems. These advanced encryption methods and are ideal for a business or network which places extra weight on security issues.

Both file encryption and full disk encryption have varying levels of reliability, as long as they are employed for the specific scope they were intended. A combination of both methods is ideal for large networks for instance, where a central system is fully encrypted and endpoint systems use varying methods of single-file encryption. Together with remote storage and disaster recovery, they give users and administrators the most peace of mind.

The average computer user hardly considers encrypting sensitive data, not fully realizing the value of that digital information. After all, files and folders are just data, without the same value as tangible possessions. However, it is always worth investing in encryption solutions, as there is no telling who will have access to valuable information and, most importantly, how they may use it.