Full-disk encryption

Let's explore the process in detail, looking at how the whole disk encryption works. Full disk encryption encrypts an entire disk drive. When an authenticated user accesses a file from a fully encrypted drive, the encryption technology decrypts the file using the decryption key provided at system startup, and the rest of the drive remains encrypted. This method ensures the protection of the hard drive if a system failure occurs or the system is deliberately shutdown. The primary goal of full disk encryption is that the drive and files remain encrypted during the system shutdown state. On a running system, the encryption is technically not in place for users to access files. This is because the operating system has the decryption key to access files on the disk.

Full disk encryption is a perfect solution for devices like notebooks and desktops, which shutdown at some point. Full disk encryption helps to protect data in the event of the physical loss of a disk and makes more sense for portable devices.