Full Disk Encryption

tag: [Engineer/Developer, Security Specialist]

Full disk encryption protects all data stored on a device in the event that it's stolen or lost. Today, all major Operating Systems for workstations, servers and mobile phones have full disk encryption capabilities built in, and sometimes enabled by default. Check which full disk encryption is built into your operating system, and enable it if not enabled by default.

Best Practices

1. Ensure that full disk encryption uses strong industry-standard algorithms.
2. Enable full disk encryption by default on all devices, including laptops, desktops, and mobile devices.
3. Implement secure boot to ensure that only trusted software can be loaded during the boot process.