If you left your smartphone behind in a coffee shop or you were required to pack your tablet in your checked luggage, would your personal data be safely locked away? If you don't have your device protected by a lock-screen passcode and your data encrypted, your text messages, personal and business contacts, emails, photos and videos and other sensitive information could all be accessible.
What is encryption?
To describe it simply, encryption is the process of jumbling data using an encryption key available only to you in such a way that the information is no longer recognizable or understandable. When you need to use your data, the reverse process of unscrambling, known as decryption, uses your unique encryption key to bring it back to a readable state.
You can think of encryption as a secret code known only to you. If someone were to steal your private journal, the thief wouldn't be able to understand what’s in it without knowing the secret code you used to encrypt it.
Why encryption is important
Even if you’ve locked down your phone with a strong alphanumeric password, the data behind that wall of defense are still readable — your emails, text messages, photos, everything. So unless you have encrypted your phone, a knowledgeable thief can use various means to crack or bypass your password and then harvest your data.
Since encryption garbles information, it adds another layer of protection to your information by rendering it unusable by anyone who doesn't hold the key to un-garble it.
Governments encrypt classified information. Businesses guard their corporate secrets with encryption technologies. Doctors and lawyers use encryption to prevent client data from falling into the wrong hands. You can use encryption to shield your personal information against identity and data thieves. In fact, the United Nations Commission on Human Rights considers encryption a human right because it “provide[s] the privacy and security necessary for the exercise of the right to freedom of expression in the digital age.”
If you are preparing to sell or give away your mobile device, encrypt it before resetting it to its factory state, especially if it's an Android device. Even a full factory reset won’t completely wipe out your personal data on older Android devices. Security company Avast found that information you thought had already been wiped clean still remains on your Android device even after a factory reset. The company’s researchers were able to extract photos, emails, text messages, search histories, personal identities, contacts and more from used Android phones they bought from eBay. Researchers at the University of Cambridge have also found that remnants of your “deleted” data can actually be used to log in to your accounts.
You can avert the potential for data breaches like these by encrypting your mobile device.
How to tell if your iPhone or iPad is encrypted
Apple devices running iOS 8 or higher have encryption baked into the OS and file system itself. However, your device isn't encrypted until after you've set up a lockscreen passcode.
How to encrypt your iPhone or iPad
Go to Settings > Touch ID & Passcode. There, turn on the Passcode feature. Disable Simple Passcode so that you can use longer alphanumeric passcodes that are harder to crack. While you're at it, set the Require Passcode option to Immediately.
Afterwards, return to Settings > Touch ID & Passcode and scroll down to the bottom. Here, enable the Erase Data option so that your data will be automatically wiped after 10 failed passcode attempts. You should also see “Data protection is enabled” below the option. This means that data encryption is now active and uses your designated passcode as part of the encryption key. Now no one will be able to hand over your data because only you know your passcode.
How to tell if your Android tablet or phone is encrypted
If your phone runs Android 6.0 (Marshmallow) or higher, it's encrypted by default.
If your phone is running an earlier version of Android, you can head over to Settings > Security (or in some phones Storage). There you will either see that your phone is encrypted or that you have the option to encrypt your phone.
How to encrypt your Android phone or tablet
On Android devices, the steps are similar. Here’s how to do it for Android 4.4 KitKat and Android 5.0 Lollipop. First, you'll want to plug your device in and ensure you have at least 80 percent charge. Then go to Settings > Lock Screen > Screen Lock. Input your old passcode and a new one (make sure it's at least 6 characters). Then go to Settings > System > Security > Encrypt device > Encrypt Phone (or tablet). If you use a microSD card in your phone, you may also select Encrypt external SD card. Than select Encrypt phone (or tablet).
Once you encrypt your Android device, you cannot turn off encryption without performing a full factory reset. An encrypted SD card will only work on the device that encrypted it, so you can pop the card into a reader on your computer or use it in another device. Fortunately, SD card encryption can be undone, unlike full disk encryption of your mobile device. If you want to use your SD card on another phone, you will have to decrypt it first.
Initial encryption can take 30 minutes to about an hour, depending how much data you have. Your phone or tablet will reboot a few times during the process; this is normal. Just let the process complete. Once encryption is finished, you will be asked for your PIN or password to unlock your device.
[Image credit: mobile security - smartphone data theft concept via Shutterstock]