What is device encryption and why should you use it?
What is device encryption and why should you use it?
Encryption is a security measure designed to protect sensitive information from prying eyes.
In simple terms, it turns information into a secret code that will look like gibberish to anyone who sees it. The only way of turning it back into understandable text (or code) is by supplying a key or password.
On mobile devices, whole-phone encryption is generally enabled by default on modern handsets and operating systems. If for some reason it isn’t, or you choose not to use the built-in encryption, you can also rely on a variety of third-party apps to provide it for you.
Luckily, most developers, phone makers, and operating systems are built such that effective encryption is within everyone’s reach.
Where can encryption be used?
For most users, the concept of encryption will show up in the following three areas:
- Whole-phone (device) encryption.
- App and file encryption.
- Public Wi-Fi encryption.
Whole-phone encryption means that all the data contained on a device is protected from unauthorised access. It would prevent, for example, somebody accessing your data if your phone was lost or stolen and protected with the encryption PIN or password.
App or file encryption protects a subset of the information on your phone, but not all of it. In most practical senses, apps and files are quite distinct. You could protect one or more individual files by encrypting them in a secure folder (a default feature on many phones) or by installing an app to do the job. It’s worth noting that experts don’t think you should do this – encrypting only one or two files on a phone signals to a would-be cybercriminal that those particular files are of interest and worth paying special attention to.
App encryption, then, falls on app developers. Some apps, especially those used for communication place a special emphasis on security and safety around messages and media by encrypting this information as it is sent between users. There is little you can do to influence this security and instead you have to trust that the app itself is the best option for your encryption needs.
Finally, a serious and very relevant question hangs around the encryption of your data when you use Wi-Fi. Public Wi-Fi is really what’s at question here: the Wi-Fi in your home is supposed to already be protected and secure (secured with the same technology that means people can’t piggyback on your connection).
The risk with public Wi-Fi is that a given, unsecured Wi-Fi connection could be funnelling all the information you send via that connection (passwords, addresses, personal information, and anything you send to a website while you’re browsing) to a nefarious third party. The solution here is to ensure you’re using a VPN whenever you’re on public Wi-Fi, which we’ll discuss below.
Encryption and VPNs
A VPN or virtual private network is like a firewall for your mobile connection, creating a barrier between your phone and third parties. It doesn’t work like a firewall, however – instead, it creates a virtual (cloud) network as a barrier between your device and the Wi-Fi network and helps encrypt the information entering and leaving.
The entering and leaving of information is the weak point: your phone is protected and the websites and apps receiving your information are protected. Where we need to focus is on the information making the journey between the two. A VPN helps protect by firstly making it hard to access the data in the VPN and, secondly, encrypting the information it contains so that even if someone did access it, that person could not understand or use it.
Beneficial as it is, a VPN isn’t a service that is offered by default on phones. Instead, you will need to install an app, which is probably why most users don’t use one, even if they really should!
The pros and cons of mobile encryption
For apps and files
When it comes to encrypting the data in your apps, it’s a no-brainer! Millions of people accidentally install dodgy apps every year, so learning the warning signs is always good – especially if the app deals with your private information.
Never download apps from third parties; always check reviews before you install anything; check the permissions (for example, why is a torch app asking for access to your contacts?); and install a security suite to scan and flag any potentially harmful apps before you hit ‘download’.
For public Wi-Fi
Likewise, using a VPN for public Wi-Fi should be an absolute priority, especially if you are a frequent user of this admittedly handy service.
It’s shockingly easy to steal personal data via unsecured Wi-Fi and there are unscrupulous people who make a more than decent living from doing so! A good VPN will be easy to use and light on phone resources as it helps keep your personal information secure.
For whole phones
Whole-phone encryption has a few more nuances to it. On the upside, it’s another layer of protection for a phone and significantly increases your overall security. If your phone is stolen or lost, it will offer protection that could make the difference between the theft being a major disaster or a minor inconvenience.
On the flip side, many of the phones that do not offer encryption by default are older and, as such, encryption apps are likely to slow them down.
It’s also worth noting that the encryption process takes time to set up, and if you lose your encryption key, you’ll be in big trouble. Finally, bear in mind that an encryption app won’t protect your device from cyberthreats like phishing, malware, or theft of the handset and that the app stores may contain full of rogue encryption apps whose very purpose is to steal your data.
Should you encrypt your device?
We’re going to settle on a soft no – if we’re talking about whole-phone encryption. Most of you have more modern phones running up to date operating systems and, if that’s the case, you have phone encryption enabled by default on both iPhone® and Android™. Think about installing a security solution, and always take care over the apps you install.
If your phone is old and using an out-of-date operating system, however, you’ve got bigger problems than your encryption and we’d suggest you high-tail it to your mobile operator to see how you might be able to get your hands on the latest version of your operating system. That way, you’ll get access to a whole host of important security improvements and benefits.
If you’re a frequent user of public Wi-Fi, however, a VPN that encrypts your connection is essential. Imagine for a second that your data lives in a pond out in an open and that your data is the fish swimming around. Using public Wi-Fi without protection is a bit like handing a fishing rod to a stranger and telling them to fish away!
We’re pretty sure you don’t think that’s a good idea, but if you use public Wi-Fi spots, it’s effectively what you’re doing. Instead, install a VPN and get in the habit of using it. Not only will that fishing rod be locked away in a cupboard, you’ll also have built a nice chain-link fence around your pond!
Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the LockMan Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Google Chrome and Android are trademarks of Google, LLC. Mac, iPhone and iPad are trademarks of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced and/or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other company names and product names are registered trademarks or trademarks of each company.