Disk Encryption 101

Disk Encryption 101

Encryption is one of the basic ways by which organizations and individuals can help to protect their information and that of their clients. Modern encryption algorithms make it impossible for someone to read the data without access to the secret key. As a result, the breach of encrypted data is not considered reportable under regulations like HIPAA.

Lost and stolen devices represent a significant threat to organizational cybersecurity. In fact, 45% of data breaches in the healthcare field are caused by lost or stolen devices. Any steps that organizations can take, like full-disk encryption, can help to reduce or eliminate the threat of these kinds of breaches.

What is disk encryption?

Encryption algorithms are designed to take data and a secret key as output and produce an obfuscated form of the data that cannot be read without access to the decryption key. For disk encryption, symmetric encryption algorithms are used, meaning that the encryption key and decryption key are the same.

The details of how the encryption key is stored and protected varies based on implementation. One option is to use a Trusted Platform Module (TPM) to store the secret key. Another is to require a password from the user upon boot; the password decrypts the key used to encrypt the disk. The final option is to store the encryption key on a USB drive and require it on boot.

When full-disk encryption is enabled on a computer, every file in the operating system is encrypted using the master encryption key. As a result, someone with access to the computer in a powered-off state cannot read any data on the disk, making it secure against data breaches caused by a lost or stolen device.

Once the user has authenticated to the machine and allowed the encryption key (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Howard Poston. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/tGl9N5TfmX4/