Encrypting the Windows System Disk - good idea or not?

Hi folks!

Simple question really.

Currently re-building my desktop PC and aiming for

Windows 10 Pro (64-bit) dual-booting with Linux Mint on a 240GB SSD.

A separate 5TB hard disk for data storage.

Not sure about how to set this up - partitioned as two separate drives one for Windows documents (and encrypted) and one for Linux documents (not sure whether to encrypt this or not). Any advice/suggestions welcome on this.

A third laptop hard disk for data security (copying any docs/files etc from the Windows data drive only).

Question is this.

Should the bootable system disk containing Windows 10 Pro be encrypted or not? If yes - can you suggest a suitable (& free) encryption solution.

Should the Linux partition also be encrypted - is it necessary and/or will it cause any conflict being dual-booted with Windows?

Thanks,

Art

Win10 Pro has a native system encryption solution, iirc.

zebal said:

First thing to keep in mind is that encryption will slow down your disk I/O, therefore if you're gamer or work with some performance hungry programs you should avoid encryption.

Will other people please tell me if they think it really is that bad or not

larc919 said:

It always takes more time to decrypt than not. Whether that small amount of extra time interferes with your regular computer operations would mainly depend on what you do on your system. You could always try encryption if you really need it (maybe not a good idea to do it just because you can) and see what the effects are. If you can't live with it, switch back.

Playing a modern "AAA" game maxed out on a top-line PC? (one that has a rtx2080ti)

Would it cause a noticeable difference? If yes, how much of a problem in your humble opinion?

larc919 said:

Sorry I can't answer that question since I'm not a fast action gamer. My systems aren't encrypted, but I do some work on one that is. Again no fast action games, but encryption has never been bothersome with any normal business-type operations.

Alright.

Hi zebal,

My original post said:

"Not sure about how to set this up - partitioned as two separate drives one for Windows documents (and encrypted) and one for Linux documents (not sure whether to encrypt this or not). Any advice/suggestions welcome on this."

zebal said:

First thing to keep in mind is that encryption will slow down your disk I/O, therefore if you're gamer or work with some performance hungry programs you should avoid encryption.

Nope. Some downloaded YouTube videos maybe but eveything else not performance-hungry, I'm not a gamer!

Your setup with dual boot Windows/Linux means you want your linux drive to be encrypted, and Windows not encrypted.

Linux would be used to privacy concerned tasks, while Windows would be used for performance and everyday life.

See my comment above.

If there would likely be a conflict on a dual-boot system where both Windows and Linux were encrypted, then I'd go for just the Windows OS to be encrypted and the Linux OS not.

To encrypt linux drive there is built in tool called dm-crypt, there are other solutions too, so feel free to experiment.

If you want to encrypt windows, bit locker is good enough, just make sure your have TPM and that hardware is compatible, for maximum efficiency.

What is TPM and how do I know if my hardware has it (or is compatible)?

In any case drive encryption is not solution to lock down data on an online PC.
For sensitive files, they should always be on offline PC.

I am not unduly concerned about this.

I'm really asking whether there is any merit to encrypting the OS where your data is on a separate disk and the disk is encrypted. Seems like overkill to me. Thoughts??

Art