Lost data accounts for a large number of security breaches and, unfortunately, major fines. These fines are levied against companies at large, despite the fact that it could have only been one laptop that was lost or stolen. Given the portability of laptops stuffed with highly sensitive patient or cardholder data, it’s easy to see why just about all the major compliance initiatives such as HIPAA, PCI, and others require data encryption. In this article, we’ll discuss why business owners and executives should use full disk encryption, not just on their own system, but company wide.
FDE Management and Benefits
The concept behind FDE is actually quite simple, even though, historically, the managing of it has not always been quite so easy. FDE management is difficult because it requires the manual storage of recovery keys and individually “turning on” encryption on systems. With potentially hundreds or thousands of systems in a single IT environment, these two tasks alone present quite a challenge. Unfortunately, the two aforementioned pain points forced a lot of organizations to forgo using FDE, often to their detriment.
Organizations can be hurt because data that is kept unencrypted can easily be recovered by hackers either through stolen laptops or systems or different modes of attack. As a result, a best practice from a security perspective is to encrypt data so that a lost or stolen hard drive cannot reveal the underlying data. Even if an organization isn’t convinced that encrypting data is a security item, should they fall subject to any data or privacy regulations, they will be forced to comply. Our Top 5 Recent Healthcare Security Breaches highlights differing scenarios about how failing to enable FDE can hurt your organization.
Enough of the doom and gloom. Benefits surrounding the usage of full disk encryption are both tangible and intangible. With FDE properly enabled to each system in your fleet, risk of data compromise is greatly reduced. Further, compliance with regulations results in the prevention of potential fines due to lost or stolen hard drives / systems. A key intangible benefit is peace of (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Ryan Squires. Read the original post at: https://jumpcloud.com/blog/security/why-use-full-disk-encryption/