Disk Encryption Tools

Disk encryption software natively encrypts files at either the OS or hardware level, and typically involves encrypting the entire hard drive. Full disk encryption ensures that all data on the hard drive remains secured, even if the hard drive itself is physically stolen. Full disk encryption is generally provided natively by the operating system, such as BitLocker on Microsoft Windows or FileVault on Apple MacOS, but there are also third-party tools that can provide the same service with a different feature set

Disk Encryption Tools

  • WebsiteBitLocker Drive Encryption Overview
  • Use: File encryption as part of Windows Operating Systems
  • Cost: n/a - Included in operating system
  • Encryption: AES-256, AES-128 (default)
  • Password: Yes

The latest versions of Windows include an option for an encrypting file system that transparently encrypts files and folders.

Microsoft's recommended best practices for BitLocker in Windows 10
Microsoft's recommended best practices for BitLocker in Windows 7

  • Websitehttp://www.apple.com
  • Use: Home directory encryption on Apple OS X V10.3 and later
  • Cost: n/a - Included in the operating system
  • Encryption: XTS-AES-128
  • Password: Key derived from user's login password

The latest versions of OSX also include an option for a file system that transparently encrypts files and folders.

How to use FileVault to encrypt your documents

  • Websitehttps://www.veracrypt.fr
  • Use: Disk encryption software for Windows, Mac OS X, and Linux
  • Current version: 1.21
  • Cost: Free/Open Source
  • Encryption: AES-256, Serpent, Twofish, Camellia, Kuznyechik
  • Password: Yes, required to decrypt partitions/volumes

VeraCrypt is a powerful open-source encryption application that can create individual encrypted containers (not unlike a PW-protected ZIP file), encrypt an entire hard disk, and even a few things in between. It is based on a fork of the since-discontinued TrueCrypt 7.1a

How to use VeraCrypt for your encryption needs

  • Websitehttps://www.symantec.com/
  • Use: Hard drive encryption for laptops and desktops
  • Cost: Columbia University has limited licensed copies, may require cost for usage
  • Encryption: AES 128 bit/256 bit
  • Password: Yes

In the event the encrypted password is forgotten, Guardian Edge provides a self-service mechanism to retrieve the lost password. This feature is only available in Guardian Edge, whereas in the free products mentioned above, if the password is lost, it can never be retrieved, and the encrypted information is inaccessible even to the legitimate users.