We live in an age of security breaches. It’s hard to turn on the news and not hear about another compromised company. An attack vector for such hacks that’s growing in frequency is system theft. Studies show that a laptop is stolen every 53 seconds. Once stolen, the laptop’s hard drive can be removed and opened via another machine, laying out the drive’s juicy data for a hacker to prey upon. These attacks can be prevented with full disk encryption. But, what is full disk encryption (FDE)?
What is Full Disk Encryption (FDE)?
Full disk encryption employs at rest encryption software, such as BitLocker for Windows® systems or FileVault 2 for Macs®, to improve hard drive security. With FDE, a computer’s data is encrypted during periods where the machine is off, or at rest. That way, the drive’s data can only be accessed in one of two ways. Of course, the first option is inputting user credentials and opening up the laptop as normal. The other option, such as in the case of laptop theft or a similar event, requires that the drive is unlocked via a complex recovery key if the password is not available. Of course, the hope is that the thief will not know either the password or the recovery key, so therefore the data would be inaccessible.
Because of the nature of full disk encryption, bad actors are less likely to be able to purge a swiped hard drive’s information, making the system more secure as a whole. Data at rest is so widely regarded for its ability to promote security that it is a requirement for many compliance regulations including PCI, HIPAA, and GDPR. Encrypted data is especially pertinent for HIPAA compliance, as one of the healthcare industry’s biggest breaches was due to the theft of an unencrypted laptop.
Full Disk Encryption in IT
While it certainly has its benefits, full disk encryption is not as widely used as you would think it should be. In IT especially, enterprise implementations of FDE are proving to be a more difficult task than some (Read more…)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at: https://jumpcloud.com/blog/what-is-full-disk-encryption-fde/