On this page:
Encryption is uniquely suited to protecting sensitive data, whether it's flying around on a laptop or zipping across the Internet in an e-mail. Encryption itself is nothing new; in fact, encryption has been around for thousands of years. Although the methods and sophistication of encryption techniques have varied throughout history, the core concept has always been the same.
The two most common methods to protect data on laptops are "full disk encryption" and "file encryption". As the names imply, one method protects everything on a disk drive (full disk encryption) and the other method encrypts only selected individual files (file encryption).
With full disk encryption, all data is protected – including the operating system – as well as USB flash and other external drives. Full disk encryption is like taking a disk drive and coating it with a layer of impenetrable paint. Everything on the drive is soaked with encryption. Even the files you may not know about that keep exact copies of data that you've been working on, such as temporary files are encrypted.
Because everything is encrypted, including the operating system, you have to first "unlock" the encrypted drive with your personal passphrase before you can even start or boot up your computer. This preboot authentication before system startup provides a way to keep out the data thieves. Even if an encrypted disk drive is removed from one computer and installed in another, the preboot authentication screen always appears and asks for the passphrase, stopping unauthorized users in their tracks.
(This content is attributed to "Laptop Encryption for Dummies" Copyright 2007 Wiley Publishing Inc.)
More information on encryption can be found on the Encryption at MIT page.
This section is in the process of being drafted. Check back later for more information.