We recently talked about the benefits of Full Disk Encryption in an organization that is concerned about data security (and who isn’t concerned about data security today?) But there are limits to the level of security FDE can provide. Most of these limits are not inherent in the software, however, but in the level of care users in the organization take to protect the data.
As successful as FDE is to prevent outside theft of important data, there are certain things FDE can’t accomplish. Let’s take a look at some of the limitations of full disk encryption.
FDE can slow down processes. – FDE is hardware-based encryption, which means the drive is encrypted at the hardware level, and the encryption must be included by the manufacturer at the time of production, although users can add FDE technology through software applications after the fact. FDE encrypts not only mission critical data, but the drive’s operating system. This can slow down processes.
FDE can create a false sense of security – While full disk encryption encrypts data on the drive, it cannot protect your server or workstation PCs from threats of viruses and malware. Users still need to be conscious of accessing the internet only via secure connections and making sure sites they visit have SSL encryption if they are sharing important financial data. There are a number of other common sense measures that must be taken to protect data, even on an encrypted hard drive.
Full Disk Encryption must be used on all drives in your organization – Using FDE is one way to protect your organization’s most critical data and trade secrets. But you must use the same level of encryption on any and all copies of that data, including your back-ups. You wouldn’t believe the number of users who have encrypted drives for their servers or workstations but then back-up data to unencrypted drives.
This philosophy extends to encrypted drive data recovery, too. If your encrypted drive needs data recovery service, you want a firm that will protect your data with the same level of care you do, storing it in a secure facility and returning your recovered data on an encrypted drive.
Your data recovery service, additionally, should respect your right to confidentiality in a data recovery emergency. You should trust your data recovery specialists as much as you trust your own IT staff with mission critical data. Only then will you know you are doing everything you can to protect your organization’s data.