Full Disk Encryption – Why use it?
Not all encryption methods are equal. Due to the design of Windows, you will suffer data leakage in the swap files and temporary files.
When to use it?
If the data is sensitive, and you have a legal obligation to protect it, then use software which encrypts the entire hard disk, end to end, on a track by track and sector by sector basis. In a nutshell, full disk encryption software negates Forensics entirely (Caloyannides, 2004).
- Use full disk encryption, to encrypt the entire disk/USB, just in case of theft.
Are there any limitations to full disk encryption?
Yes. Full disk encryption only protects data when the computer is turned off. It offers no protection when the computer is turned on by an authorised user, with the password. If the user is logged on, and steps out of the office, the data is at risk. It is ideal for mobile employees or those who use USB pens to transport data – as these are prone to being “lost” by accident.
What products offer full disk/USB encryption?
- 1. Truecrypt = Free, open source, but usability can be tricky for the novice user. http://www.truecrypt.org/
- 2. SecureDoc = not Free, offers 256 bit AES encryption. https://www.winmagic.com/products/full-disk-encryption