

If you have a recovery partition on your disk, it should not be encrypted. You should encrypt all Windows partitions, whether system or data, if you want to be super safe, or only the sensitive data partition if you can accept that an attacker could find traces in temp or swap files.

Alternatively, you could build a (set of) removable recovery data, and go with full disk encryption.

Pros: if things go wrong, the unencrypted partitions will be easier to recover
Pros: you have no risk of leaking sensitive data into a non-encrypted partition
Cons: if things go wrong, the full disk becomes unreadable and you will have to try to recover/reinstall from removable bootable media: do not forget to build and securely store it
Cons: if you only encrypt a data partition, sensitive data can end up in temporary files or the swap file on a non-encrypted partition

Both solutions are acceptable but they have different pros and cons.
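An added example, not part of the original text: a PowerShell check for the partition-only case above, reporting whether the temp directories and the page file sit on an encrypted volume. It assumes BitLocker is the encryption in use (the text does not name a product) and an elevated prompt.

```powershell
# Added example. Assumption: BitLocker is the encryption product; run elevated.
# Build a map of drive letter -> "is this volume actually protected?"
$protected = @{}
foreach ($v in Get-BitLockerVolume) {
    # A volume only counts when it is fully encrypted AND protection is on
    # (a suspended or still-encrypting volume does not count).
    $drive = $v.MountPoint.TrimEnd('\').ToUpper()
    $protected[$drive] = ($v.VolumeStatus -eq 'FullyEncrypted' -and
                          $v.ProtectionStatus -eq 'On')
}

# Locations where sensitive data can leak outside an encrypted data partition.
$locations = [ordered]@{
    'User TEMP'   = $env:TEMP
    'System TEMP' = Join-Path $env:windir 'Temp'
}
# Add every active page (swap) file reported by Windows.
Get-CimInstance Win32_PageFileUsage | ForEach-Object {
    $locations["Page file $($_.Name)"] = $_.Name
}

# Report each location with the volume it lives on and that volume's state.
$report = foreach ($item in $locations.GetEnumerator()) {
    $drive = [System.IO.Path]::GetPathRoot($item.Value).TrimEnd('\').ToUpper()
    [pscustomobject]@{
        Location  = $item.Key
        Path      = $item.Value
        Volume    = $drive
        Encrypted = ($protected.ContainsKey($drive) -and $protected[$drive])
    }
}
$report | Format-Table -AutoSize

# Non-zero exit code if anything sensitive can land on an unencrypted volume.
$exposed = @($report | Where-Object { -not $_.Encrypted })
if ($exposed.Count -gt 0) {
    Write-Warning "$($exposed.Count) location(s) are on a non-encrypted volume."
    exit 1
}
```

Any row with `Encrypted` set to `False` is a place where the traces described above can end up in the clear.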
