Should You Encrypt Your New Flash Drive?

This is why I decided to encrypt my new Flash Drive, and why I think you should too.

212 views

Edited: 2021-01-13 15:37

I just got a new, small, flash drive at 64GB; ok to me, that is actually not small. I rarely need more space than a few Gigabytes, and I have probably not owned a flash drive bigger than 8GB before. Anyway, when I first inserted it into my computer, the question entered my mind if I should encrypt the drive.

I am always very careful with my storage devices, and have, so far, never lost one. Nevertheless, I was planning to store a customer's Wordpress backup on this drive — at least temporarily — so I ultimately decided to encrypt it.

Even for personal use, you never know if you might put some sensitive personal data on the drive, and so, encrypting it is just a small extra stem that almost everyone can do.

Always encrypt flash drives

The question is now, why not just have a policy to always encrypt flash drives? If you are on Linux, encrypting a drive is very easy, and only a small extra step to take. You do not even have to memorize the password, as you could just use a password manager and auto-generate the password.

If your drive potentially contains sensitive data, you should always encrypt it.

When you use a password manager such as KeePassXC, but this will also make it impractical to use the drive on other computers. You would need to either have a cloud-hosted copy of the password mangers key file, or you would need to carry a separate flash drive with the key file on it.

Of course, if you use a decent password manager, the key file will also be encrypted, so there is little risk of someone stealing it.

Security best practices

It is tempting to just maintain one big keyfile with all of your passwords, but this is less secure than if you maintained multiple keyfiles. For example, if you had just one key file per flash drive, then it would not matter much if someone got their hands on it; you could just format the drive with a new key.

Of course, security is a very complex topic; I am still trying to improve my own security, but developing good security practices is something that takes time, and probably something we will have to continually work on. We sure can not just take a "set-it-and-forget-it" approach to security. I am no expert, but encrypting flash drives seems like an obvious and easy thing to do that everyone can do, to improve their security. Personally, I really do not want to leak customer data by some crazy accident.

The funny thing is, even if I had not encrypted this flash drive and lost it somewhere, the chance of someone picking up the drive, and also knowing what the data was, and how to use it, would be very small. Nevertheless, I still choose to go with encryption.

Linux makes encrypting drives easy

I am using Linux on my work computer, and I must say the Desktop version has become very stable and usable. I almost never use Windows anymore, since there is almost noting I can not do in Linux.

For SVG files I use Inkscape, for photo editing, Gimp, and for video editing I use Kdenlive. Linux also has tools for encryption. KDE Partition Manager comes preinstalled if you use KUbuntu, and it is very easy to use; alternatively, you can install GParted.

Oh, and if you are on Windows, you might be able to use BitLocker. Unfortunately, the Home edition of Windows seem to lack decent encryption tools — maybe this is a good reason for you to switch to Linux?

There are also tools for the command line, but I see no reason to use those unless you need to somehow access a server through SSH. The GUI tools are much easier when it comes to disk partitioning.

You never know when you want to transfer personal data to your a flash drive, so it may be a good idea to opt for encryption from the start. If you have not tried using encryption before, you will probably spend a bit of time reading about the various options, but this time is well-invested. You have fun messing with your little bits now!

Tell us what you think: