Hard disk encryption can protect data on laptops or PCs from hacker attacks. However, there are different types of hard disk encryption. Find out what they are and how to find the right encryption method in this article.

What exactly is hard disk encryption?

Hard disk encryption is a measure to protect data. It prevents data on the hard disk from being easily copied or stolen.

This works by converting the data. The information on the hard disk is converted into a format during hard disk encryption. This format is completely unusable without the appropriate key.

The great advantage of encryption is that it cannot be easily cracked or bypassed even by systems and programs. The converted data can only be recovered in its original form and used with the appropriate key. Neither other people nor other systems know this key and cannot easily find it out.

Hard disk encryption is therefore a very reliable means of protecting data. The type of encryption that makes the most sense depends on what you want to encrypt.

The types of hard disk encryption

There are basically two types of hard disk encryption: Full Disk Encryption (FDE) and File Level Encryption (FLE). The difference lies in the selection of the encrypted data and the application possibilities.

FDE encrypts a hard disk completely. All data on it is then protected. This includes the computer’s operating system. However, the encryption must be removed in order to use the hard disk. This means that the encryption is only active when the computer is not in use. The data is therefore only protected from physical access. Hacker attacks via the Internet are still a threat.

Windows has an integrated FLE called BitLocker pre-installed. So, the hard drive is protected by BitLocker out of use on Windows systems (Windows 10 and later).

With FLE, on the other hand, selected files, directories or file systems are encrypted. These are then also protected throughout. Hackers therefore have no access to these files in the event of an attack. However, they can still cause damage to the non-encrypted files.

It is also possible to use both types of encryption on one hard disk. Then you have double protection and the hard disk is as secure as it can be.

Finding the right method for yourself is basically not difficult at all. If you only want to protect certain data, the FLE is sufficient for that. This can be useful for a private laptop, for example, if private documents from the bank or insurance companies are stored on the hard disk.

For company laptops, on the other hand, the FDE is a good choice. Usually, a lot of internal data is stored on the company computer, which should not fall into the wrong hands. Complete protection makes sense here.

Encryption methods

The level of protection also depends somewhat on the encryption method chosen. There are symmetric and asymmetric systems, which create encryption in different numbers of bits. The higher the number of bits, the more complex the encryption. And thus also correspondingly more difficult to crack.

Some systems even anonymize the data to provide further protection. Files are renamed in addition to the encryption. This means that it is no longer even possible to identify what is behind a file.


Hard disk encryption is a sensible step in data protection. No matter if only a few data should be protected or the whole hard disk, with encryption the data is safe from unauthorized access.

It is important to decide how secure the data should be, because the chosen system and encryption method depends on it.

Encrypting personal data, by the way, is explicitly suggested in the General Data Protection Regulation (GDPR). Even if encryption is not mandatory, violations of the GDPR can result in heavy penalties. Then people will wish they had encrypted their data. So the DSGVO proposal makes sense and is easy to implement with the appropriate software.