Should I Encrypt Sensitive Files on My Computer?

If you keep tax forms, legal documents, financial records or other files with sensitive information on your computer, encrypting the files may be an effective way to protect them. Even if you're dealing with files stored at your home on your desktop, encryption can keep your information safe if your computer ever becomes compromised by a virus or hacker. It can be especially important to take extra steps to protect your data if you run a small business and store clients' information, or if you use a laptop that could be lost or stolen.

How Does Encryption Work?

Encryption is the process of scrambling information so it can't be read without a key. As the owner of the data, you'll have the ability to unscramble the data by using a password, biometric information or something else.

Encryption turns a normally readable message that you want to save or send, broadly referred to as plaintext, into an encrypted message, or ciphertext. The key decrypts the ciphertext back into plaintext.

A simple example of encryption is a method you may have encountered before in a spy novel or war drama. Let's say you have a message where the plaintext is "hello." The message gets encrypted by shifting each letter in the message over one space in the alphabet, so that the encrypted message (or ciphertext) appears as "ifmmp." This is called a shift cipher, also known as Caesar's cipher.

The key needed to decrypt the message would simply be the number times and the direction in which the letters in the message were shifted. In the above example, you would just need to know or figure out that the letters in the message were shifted one time, forward in the alphabet. Someone who intercepts the message won't immediately know what it says, but a recipient with the correct key can quickly decrypt the ciphertext.

Of course, many people, and certainly today's computers, could figure out how to decrypt a message that's encrypted with a simple letter-shift cipher. Astronomically more complex methods are used to encrypt computer files and information that's sent online, but the same general concept gets applied.

What Are the Benefits of Encrypting Sensitive Files on Your Computer?

Encrypting sensitive files on your computer can help keep the information within those files private. Requiring a login password to open your computer might be a helpful step to keep a roommate from snooping, but files can be copied from your hard drive in other ways. Or, someone may be able to get remote access to your computer without you realizing it.

If your files are encrypted, people without the key won't be able to open or use the information they've stolen. Additionally, your employer may require you to encrypt files on your computer if you're working from home, or if you work with companies that share private information with you.

There are drawbacks as well. For example, once your information is encrypted, it will be nearly impossible to decrypt without the key. Which means you might lose access to your own files if you forget your password or otherwise lose access to the method used to unlock them. And, if the password you use to access your encrypted files isn't very strong, that may be a weak link even if the encryption itself is strong.

Even with all this in mind, encrypting sensitive files is often worth your effort, particularly because it's not necessarily difficult to do.

How to Encrypt Files on Your Computer

There are many ways to encrypt files on your computer, including a variety of free options. But first, you need to decide which files you want to encrypt.

If you don't keep a lot of sensitive information on your computer, you may want to use a program that allows you to encrypt individual files and folders. As a general rule of thumb, encrypt any files that have personally identifiable information, or have information or images you wouldn't want published online for anyone to see.

Another option is to encrypt your entire hard drive, or a large part of your hard drive. While this can seem like an easier solution, remember the downside—a lost password means you lose all your files. If you do decide to encrypt your entire hard drive, you may want to regularly back up the information on an unencrypted, but securely stored, external hard drive (ideally one that's not hooked up to an internet-connected device).

Popular Encryption Software

Many modern encryption options use similar levels of security to keep your files secure, but you may have a preference depending on program pricing, the computer operating system you use and your comfort level with technology.

For example, FileVault 2 is included with Macs that use OS X Lion or later and will encrypt your entire hard drive. Once enabled, you'll need to use a password to access your account. You can optionally create a recovery key that you may be able to store locally, or use your iCloud account to decrypt your files.

BitLocker is the free encryption software that can encrypt your drive and comes with the professional and enterprise versions of Windows 8 and 10. However, you may need to have certain hardware to run the program. Similar to FileVault 2, you can create a recovery key that you save locally or save to your Microsoft Account.

In addition to the included options that may come with your computer, there are popular third-party encryption programs available. Some are free, while others have free basic features and a paid version.

Protect Your Identity and Credit

Encrypting the files, folders or entire hard drive on your computer can be an important step in keeping your personal and business information secure. In turn, this can help protect you from identity theft. But it's only one of the many steps you may want to take.

For example, you'll want to use strong, unique passwords on all your online accounts, as those may be compromised by a data breach. Ideally, you'll also turn on two-factor authentication for your most important accounts.

If you think some of your accounts may already be compromised, you can run a free dark web scan. Additionally, you could sign up for an identity theft protection service, such as Experian IdentityWorks℠. The service can help you monitor your credit reports, public records and the web for your personal information and suspicious changes. And, if something does happen, you'll be supported with a U.S.-based fraud resolution team and up to $1 million in identity theft insurance.