I have written about the security implications of using sleep with encrypted drives in the past and have offered both short term and longer term solutions that would allow users to use sleep under some conditions and not risk (too much) a data breach. Today I am writing to offer another, common sense, alternative: Just don’t use sleep because you don’t really need it.
NVMe technology had a big presence at the Intel Developer Forum (IDF), held in San Francisco of September this year. There were products and demonstrations from about a dozen leading vendors including Intel and Micron. I also attended quite a few sessions, but the one on NVMe was the only one that was overflowing with people.
One of the key examples I use when talking about the importance of data encryption is the value of the data that could potentially be exposed. Is a $900 laptop worth the $1 million or more of liability potential if it’s unencrypted and lost or stolen? It turns out I was wrong – the average settlement is much higher, and that’s a good thing.