First and second computing devices are selectively operatively coupled together. The first device provides data to the second device. The second device can be a portable computing device. The second device is configured to encrypt/decrypt the data, as needed by the first device. The second device maintains the cryptographic key data internally. As such, the first device, which, for example, may be a personal computer will only maintain the returned encrypted data following encryption and only temporarily use any returned decrypted data. Thus, by physically and operatively distributing the cryptographic processing/maintenance between the two devices, additional security is provided for protecting private data.