Hi Ralf, On Fri, May 18, 2007 at 06:00:30PM +0200, Ralf Ronneburger wrote:
Michel Messerschmidt wrote:
For example, encrypted filesystems are almost always useful to prevent data leakage from abandoned hardware (think of all the harddisks sold on ebay). Also any file encrypted by a user improves the security by reducing the time the data is accessible and subject to attacks.
For harddisk encryption on servers this is senseless. The disk is always online (therefore not protected) and before you sell it on ebay you can always use some tool to overwrite it with random data. For broken disks you'll find a strong magnet or even better a company that shreds them. To use encryption for this purpose is a waste of time and resources.
While shredding and magnets can destroy your data they also render the harddisks unusable. But companies often try to avoid this because of the extra profit. In my experience it can be difficult to establish such processes reliably. Even if you can convince your company to destroy old disks, you still need to trust the disposal company (and its employees), since there are typically no resources to do this inhouse. And have you ever tried to wipe old disks of a server with eg. the DoD or Gutmann algorithm? You'll need more time and resources for this than lost by encryption throughout the lifetime. Additionally there are still concerns that wipe processes may not be sufficient (for example because of integrated write caches). Regards, Michel