Resources

How to: Android file encryption

If you’re like most people, your mobile device is increasingly at the center of your work and life. Of course, that means your phone is increasingly being used to access sensitive information—data you might want to encrypt. There are a couple of ways to approach this. You can encrypt the device, of course, but in our minds, it’s far more important to secure the data itself. That way, it’s protected no matter where it resides. Let’s break down Android file encryption options and plain-old phone locking.

The non-option for Android file encryption: Passwords

Sure, a passphrase is likely to keep friends and family at bay, but it wont be sufficient to thwart a real thief. After all, with the asking price for sensitive personal health information and personally identifiable information skyrocketing, thieves are seeing less payout possibilities from the hardware itself, and are more interested in the data these devices contain. German researchers discovered a technique that uses cold booting to extract phone data even if the phone is protected by a PIN, highlighting one of the weaknesses in passcodes compared to Android file encryption.

Android file encryption option 1: Full-disk Android encryption

Full-disk encryption for Android basically means you’re encrypting your phone, so your files are encrypted at rest when the phone is locked. Any files you send and receive from your phone won’t be encrypted, unless you employ other methods to make them so.

An Android data encryption feature has been available for a number of years, storing the keys on the device. For a time, Google even said it would go so far as to offer full-disk Android encryption by default, though performance issues (read: a massive slowdown) prompted a rethinking of that policy. This is no real surprise: Android file encryption takes up your Android’s resources.

To decrypt your Android—that is, to actually work with it—you’ll need to enter your password or PIN. Other than that, you can mostly work with the device normally—so long as the encryption process doesn’t slow down your device too much. The other change you’ll see is the disabling of pattern and swipe lock screens

How to do full-disk Android file encryption:

  1. Set your Android device’s screen lock passphrase. This will also serve as your device’s decryption key.
  2. Navigate to the Security submenu, and select Encrypt Phone or Encrypt Tablet. You can usually find the Security menu under settings, but it may differ depending on your device.
  3. Enter your PIN or password to confirm.
  4. Your device will reboot and encryption will get under way. You’ll see a progress indicator of the encryption process, but it can take as long as an hour. Note: If you interrupt the Android file encryption process, you could lose all or part of your data—permanently.
  5. Once encryption is complete, your Android device will reboot, and your phone will ask you to type the password to decrypt storage. Type your PIN or password. Your device will decrypt your data and will boot back to Android.
  6. Confirm that your device is encrypted by heading back to the Security submenu. You should find that it’s labeled “Encrypted.”

But many users don’t want to encrypt everything, or they want to make sure that they have not only Android file encryption, but everywhere file encryption. That’s where Android file encryption alternatives come in, so that users can encrypt sensitive data on an as-needed basis and customize their security to their needs.

Android file encryption option 2: Android file encryption with Dropbox

At Sookasa, we’re big believers in protecting data—the most important stuff—rather than just trying to protect the places where that data lives or travels. Sookasa is a Dropbox encryption platform that protects your sensitive files on cloud services and devices, including Android. Sookasa enables HIPAA and FERPA compliance for Dropbox, and in turn, provides Android file encryption.

Here’s how it works:

  • Download the Sookasa application. For best results, we recommend getting oriented on your computer. From there, connect your Sookasa and Dropbox accounts.
  • We’ll create a secure folder, called Sookasa, in your Dropbox account. (That’s right: Our seamless encryption solution doesn’t disrupt the normal Dropbox experience at all. You can work from Dropbox just like you always have.)
  • To encrypt your files, simply drag them into the Sookasa folder
  • For Android file encryption protection, download Sookasa to your Android. You can download the application from the Google Play Store.

Once complete, you can work directly from your Dropbox app, your email, or any other application to open and view encrypted files. You can access data protected via Android file encryption using the Sookasa app. Our Dropbox encryption is transparent, so all you need to do is sign in, and then you can open any encrypted Sookasa file securely from Dropbox or email by tapping on it. That’s the beauty of Sookasa: The files are encrypted before they’re ever synced to your Android.