If you have been following our blogs you know that the ideal FDE architecture has two main components. The actual encryption component is a separate layer from the key management. The encryption can be done by the OS (e.g. BitLocker for Windows or FileVault2 for Mac), by Self-Encrypting Drives (SEDs) or by ISVs such as WinMagic’s FIPS140-2 validated software cryptographic engine.
Our previous blog posting established that storage encryption technologies, such as full disk encryption (FDE), and their associated key management functions should be separated from each other.
Have you ever wondered what happens to your data once a thief gets their hands on it? Bitglass, a cloud security company conducted an experiment to find out just what happens when data has been stolen. And the answer may surprise you.
Staffordshire University in UK reported that a laptop containing applicant information was stolen from a car belonging to a staff member. Due to the size of the data file, the information was held locally on the hard drive of the laptop.