Disk encryptionis computer security software that protects the confidentiality of data stored on computer media (e.g., a hard disk, floppy disk, or USB device). If an unencrypted device containing customer information is lost or stolen, the Data Protection Act requires that you inform all of your affected customers of the loss and recommend that they change all their passwords, Bank codes etc., and closely monitor their financial systems for security breaches for a period of at least six months. If the device was encrypted there is no need to inform the customers as the data is protected and not accessible to anyone without the correct password.
Encryption generally refers to the total encryption of an entire disk drive which is mostly transparently to the user, the system, and applications. This is generally distinguished from file-level encryption that operates by user invocation on a single file or group of files and which requires the user to decide which specific files should be encrypted. Disk encryption usually includes all aspects of the disk, including directories, so that an adversary cannot determine content, name or size of any file. It is well suited to portable devices such as laptop computers and memory keys which are particularly susceptible to being lost or stolen. If used properly, someone finding a lost device cannot penetrate actual data, or even know what files might be present.
We recommend encrypting all devices which are mobile such as laptops and memory keys to ensure compliance with the Data Protection Act. For devices such as laptops we recommend using free open source encryption software which we can install and configure for our customers.
We'd very much like to hear from you!