When Should You Use Encryption?

“Encrypt everything to protect your data!” It’s common advice these days, with concerns about snooping and privacy reaching a fever pitch. But average computer users don’t really need to encrypt everything.

More operating systems are including encryption by default, which is fine. But, if your operating system doesn’t, you probably don’t need to start encrypting everything with third-party software.

When Encryption Actually Helps

Let’s get away from the emotional component of wanting to lock down access to all your files so only you can view them. Here’s are the situations where encryption will actually do something for you:

- Protecting Sensitive Data If Your Laptop is Stolen: If your laptop is stolen, encryption will prevent a thief from booting it up and looking through your sensitive data for financial information and other sensitive things. Realistically, your average laptop thief probably just wants the hardware and will probably wipe the drive quickly. But, if you have sensitive documents on your computer, encryption does make sense. The thief probably doesn’t care about most of your data, though — photos of your dog, your MP3 collection, and any sort of videos you might have downloaded won’t be important to them.
- Storing or Sending Sensitive Data Online: When storing something particularly sensitive — perhaps archives of tax documents that contain personal details like your social-security number — in online storage or emailing it to someone, you may want to use encryption. Almost all of your personal files likely don’t require this sort of encryption, though.
- The Business Case: For businesses, there may be various commercial guidelines or rules requiring the use of encryption. These are intended to prevent the terrible stories we hear about business laptops being stolen out of cars, and those laptops having massive databases containing millions of customer credit card numbers on them. Of course this sort of data should be encrypted, but we’re focusing more on average users here. (And actually, a laptop sitting in a car shouldn’t have this sort of database on it in the first place!)

Encryption could potentially protect your data from being searched by law enforcement, but in a serious investigation you’d likely be compelled to disclose your encryption key. We’re focusing on the average computer user here, not someone who has something serious to hide from law enforcement.

Does the Information Need to Be Secure?

If encryption is enabled by default, don’t worry about it — it should be convenient enough to use. We’re not saying you need to disable that encryption at all. However, if you’re a normal desktop or laptop user, there’s no need to upgrade to the Professional edition of Windows and set up BitLocker, encrypt the external drives containing your term papers and cat photos, or go through the process of setting up TrueCrypt to encrypt your entire system drive.

Home versions of Windows 7 and the standard edition of Windows 8.1 running on older hardware don’t offer easy default encryption. Setting up encryption can be a headache and going through the trouble of encrypting all the files you upload to the cloud also takes more forethought and work. If you’re encrypting all your funny cat photos, you’re probably just wasting your time.

Even an average computer user may sometimes — but probably rarely — want to use encryption. Sensitive tax and business documents — you may want to encrypt those, especially if you’re backing them up online or emailing them to someone else. However, the photos from your last vacation and that Word document with your résumé really isn’t something you need to worry about securing so much.

The real question is: Does it need to be secure? If so, you might want to use encryption. If not, don’t worry about the encryption.

Think About the Real World

Remember: There is no perfect security. We all accept this in the real world. It’s a frightening thought, but the locks on our house and apartment doors would quickly fall to a determined thief with a bump key. We could improve our security and get front doors made of thick metal with bank-vault-grade locks, but that would be an awful hassle — not to mention expensive.

Obsessing over encrypting every single file you own on your hard drive and in your cloud storage is kind of like that. It’s focusing on data that doesn’t need to be secure. Instead, you’re probably better off spending your time making stronger passwords, enabling two-factor authentication, and generally maintaining good computer security practices.

As operating systems adopt encryption and make it more seamless, the hassle factor will be less of a concern. But, for now, the average computer user shouldn’t have to obsess over encryption. Worrying too much about encryption can waste your time and distract you from things that can actually help you secure your sensitive data and accounts.