Skip to main content

Encrypting your Computer's Hard Drive

How to ensure your hard disk is encrypted

Updated this week

Note: Your company may have specific guidance on how you should encrypt your hard drive. Please check with your IT or compliance teams before proceeding.

Encrypting your hard drive is a critical step in securing sensitive data and passing compliance checks. Follow the instructions below based on your operating system.

macOS

  1. Open System Preferences and click Security & Privacy

  2. Click on the FileVault tab

  3. If FileVault is off, click "Turn On FileVault…" button

  4. You may need to click the lock in the lower left corner to make changes.

  5. Once enabled, FileVault will display a confirmation message.

Windows 10/11 Professional

Note: BitLocker is not available for Windows Home Edition.

You may want to follow the steps to turn on standard Bitlocker encryption provided by Microsoft. Follow Microsoft's official steps to turn on BitLocker encryption:

  1. Locate the hard drive you want to encrypt under “This PC” in Windows Explorer.

  2. Right-click the target drive and choose “Turn on BitLocker.”

  3. Choose “Enter a Password.”

  4. Enter a secure password.

  5. Choose “How to Enable Your Recovery Key” which you’ll use to access your drive if you lose your password.

  6. Choose “Encrypt Entire Drive.” This option is more secure and encrypts files you marked for deletion.

  7. Click “Start Encrypting” to begin the encryption process.

Ubuntu Linux

To encrypt your hard drive on Ubuntu, refer to the following guides:

Note: If you're using the Drata Agent on Linux, you'll need to manually upload evidence of disk encryption. View this article for more details.

Did this answer your question?