Encryption section seems complicated for developer flow #90

Open
AndrewMohawk opened this issue Jan 6, 2025 · 1 comment
Labels
modification Update or content modification request

Comments

@AndrewMohawk

What content are you looking to modify or update?

I think that having all the encryption sections makes it very difficult to navigate as a developer:
image

I.e., if the dev is on a Mac, really what they need to know is to make sure that, if they are on Apple Silicon, they have FileVault on. However, if they are going through file/volume/full disk/partition, they can easily be confused about what they should do.

I suspect it will be more manageable if it's something like:
Developer machine encryption
Server encryption
Other

@AndrewMohawk AndrewMohawk added the modification Update or content modification request label Jan 6, 2025
@mattaereal
Collaborator

Totally agree. Some part of this was on the initial handbook from the guild, which had a different focus, so I'd say we recategorize the most important aspects and start with something like you propose.

Below is something I drafted and asked GPT to organize more clearly. Sections 6 and 7 can be within the rest, but I like it more separated:

1. Encryption Essentials
What It Is & Why It Matters: Quick overview of encryption’s purpose.
Key Use Cases: Data at rest, in transit, and in use.

2. Local Encryption
Device Encryption: Disk and file encryption (e.g., BitLocker, FileVault).
Personal Data: Best practices for securing local files.

3. Cloud Encryption
Storage Security: Encrypt before uploading or rely on provider encryption.
Key Management in Cloud: Control and rotation basics.

4. Communications Encryption
Messaging: End-to-end encryption (e.g., Signal, WhatsApp).
Email: Simple tools for email encryption (e.g., PGP).

5. Key Management Basics
Key Protection: Generate, store, and rotate keys responsibly.
Centralized vs. Local: Cloud-based KMS vs. personal key storage.

6. Practical Tools
A curated list of encryption tools for:
Local (e.g., VeraCrypt).
Cloud (e.g., AWS KMS).
Communication (e.g., Signal, ProtonMail).

7. Common Mistakes
Avoid weak algorithms (e.g., MD5, SHA-1).
Secure key storage and avoid hardcoding.
