The Critical Nature of Endpoint Data Encryption

December 15, 2022
Cyber Security Services by CCI Managed Services

Cyber Security Services

How easily can a thief grab private data on your laptop?

Have you or somebody you know ever had this something similar happen? …You are sitting in a busy cafe talking on your phone and don’t notice that a person walks behind you and stealthily lifts your laptop out of your open bag near you. Later, when you get up to leave, you notice something is wrong. Your bag feels lighter, and you discover your laptop is missing. Are you frantic? Of course you are. Are you worried about losing and exposing sensitive data? You should be.

Millions of laptops get stolen each year. If you are one of the unfortunate owners, I bet you didn’t know how easy it is for the thief to access your private, sensitive information quickly and easily passwords or not. The typical reason is that data on the hard drive didn’t get encrypted.

Never Assume Your Data is Protected

How protected is your data? Ask yourself these few questions:

  • How easy would it be to access sensitive information on your laptop if it were one of the millions that get stolen every year? It is very easy if not encrypted!
  • Did you know that many versions of Windows include the capability to encrypt your sensitive information, but that the feature isn’t enabled by default?
  • If your notebook computer is lost or stolen, did you know in most cases the information can be accessed without any need for your login and password?

According to the FBI, approximately 2 million laptops are stolen each year. Most victims believe their information is secure. Often it is not. Here’s why.

Most computers sold each year are running Windows. You would think that Windows PCs would be automatically set up for data encryption. According to, “Security is such a big focus for Microsoft’s latest operating system that automatically keeping stored data scrambled unless the computer is unlocked seems sensible. In fact, the mechanisms to do exactly that are already in place.” Some versions of Windows already support automatic device encryption. You just have to sign into the machine with a Microsoft account, which nearly all people do during setup. Sounds simple enough.

However, what interferes with automatically setting up your laptop is the hardware itself. “If a PC doesn’t meet the required standards, device encryption doesn’t automatically kick on, even if your laptop or desktop system is brand new. That doesn’t mean your computer can’t be encrypted, but you may have to do some work or pony up more money to make it happen.”

Unless your computer is using software that already encrypts your sensitive data, you will be at risk. Here are examples of data that could be left unsecured:

  1. Files that are saved on your desktop or locally in folders are not automatically secure and are fully exposed.
  2. Cached copies of files used with One Drive, Google Drive or other cloud file storage services are fully exposed.
  3. Worse yet, emails stored in local cache for offline use are easy to access.
  4. Let’s hope you didn’t keep passwords in a spreadsheet or email because that could open an even broader series of risk issues.

In reality, it is easy for a thief to pull out the device’s hard drive and simply access all this sensitive data with no need to even enter your Windows password. Yikes!

You could hope you’re never a victim. But is hope really an appropriate strategy? A more beneficial approach to encrypt data all on all of your end-user devices that contain sensitive data to prevent its readability without the assigned decryption software.

This corresponds to the “CIS Control 3.6 standard, Endpoint Encryption”, one of the many security actions recommended by CIS Controls (CIS stands for the Center for Internet Security) which sets the standards for cyber security. Having these business controls in place ensures that your laptop is secure at all times.

Endpoint Data Encryption Solutions

CIS Control 3.6 describes the importance of encrypting data on end-user devices containing sensitive data. Examples of encryption solutions for different operating systems include using such software as Windows BitLocker®, Apple FileVault®, Linux® dm-crypt.

At CCI Managed Services, we recommend whole disk encryption to ensure your data cannot be accessed by anyone other than you. Keep in mind that this capability may already be included with your operating system but not set up yet for your use.

Just like taking your car or truck to your mechanic once a year to inspect its safety, it is a good practice to visit your security advisor periodically to inspect your network and tackle any issues found. You’ll have the peace of mind knowing what’s really going on.

Learn just how exposed your data could be to constantly changing cybersecurity threats, and potential loss or theft with a security audit. CCI Managed Services has the experience and knowledge to provide you with a thorough security inspection and solution to safeguard your business.

We understand that keeping your data safe is crucially important. In fact, good network security means better productivity, less drama, and fewer disruptions to your organization.

Contact CCI today and ask about our practical security assessment and report card. It’s short money for that priceless piece-of-mind feeling.

Leave a Comment

Your email address will not be published. Required fields are marked *