Definition

hard-drive encryption

What is hard-drive encryption?

Hard-drive encryption is a technology that encrypts the data stored on a hard drive using sophisticated mathematical functions.

Data on an encrypted hard drive cannot be read by anyone who does not have access to the appropriate key or password. This can help prevent access to data by unauthorized persons and provides a layer of security against hackers and other online threats.

The concept of hard-drive encryption is simple: when a file is written to the drive, it is automatically encrypted by specialized software. Though it sounds similar to hardware-based encryption, it does not rely on the use of any hardware to encrypt the hard drive.

When a file is read from the drive, the software automatically decrypts it while leaving all other data on the drive encrypted. The encryption and decryption processes are transparent to all common applications such as word processors, databases, spreadsheets or imaging programs. A computer equipped with hard-drive encryption appears, from the user's point of view, to function as any other computer would.

A graphic showing five key developments in hard disk drive technology

What is BitLocker?

Windows OSes offer a hard-drive encryption software program called BitLocker. BitLocker allows recovery keys to be saved and employs two-factor authentication.

BitLocker is supported on:

  • Windows 11 -- Enterprise and Pro)
  • Windows 10 -- Enterprise and Pro
  • Windows 8 and 8.1 -- Professional and Enterprise
  • Windows 7 -- Ultimate and Enterprise
  • Windows Server 2008 and later

Other hard drive encryption software tools are available as well. AxCrypt,is a popular open source tool used to encrypt files. Furthermore, external USB drives with encryption software are available for purchase.

How does hard drive encryption work?

Hard drive encryption systems use the Advanced Encryption Standard (AES), which is a block cipher. The encryption process works through using an encryption key, according to an encryption algorithm. Hard drive data is encrypted through translation into unreadable code called ciphertext. Cipher lengths for hard drive encryption is typically either 128-bit or 256-bit. The 256-bit encryption is recommended, as it provides stronger security.

This was last updated in November 2022

Continue Reading About hard-drive encryption

Dig Deeper on Desktop management