What kind of encryption is best for you?

There are plenty of ways to secure data and all have pretty acronyms: Full Disk Encryption (FDE), File and Folder Encryption (FFE), Removable Media Encryption (RME) and so on. These three are the ‘meat’ of any good encryption solution. The question an organization has to ask itself is – which is best for me?

It’s an honest question and one that should be asked. Generally speaking, FDE is the most commonly selected solution – it’s safe, practical and very easy to implement and manage. With FDE there’s very little to worry about, the entire disk is encrypted, every portion of the hard drive is protected whether data resides there or not. This includes files, folders, the Operating System (OS) and space that isn’t used yet.

And this is really the key to FDE – every portion/sector/area of the hard drive is encrypted. Some solutions will not encrypt the OS or will only encrypt areas of a hard drive that have data stored on them. Neither solution is ideal when compared with proper FDE. If partial file protection is what is required, FFE is likely the better route to follow.

While FFE also ensures critical files and folders are encrypted, it has its weaknesses. FEE is susceptible to user error and generally speaking, is more complex to manage than a traditional FDE solution. However, FFE can be a much more ‘secure’ solution than traditional FDE when you look at how granular you can get with controlling information and how it’s secured.

Now both of these solutions are fantastic ways to secure sensitive organizational information, but what happens when that information needs to be shared either internally or externally? If that’s a requirement, then RME is an ideal add-on solution. A RME policy, incorporated as part of an overall data security solution, ensures things like accidental data leakage doesn’t happen. It ensures all removable media is encrypted when used whether it’s a USB key, external hard drive, CD/DVD etc. It gets locked down and helps to avoid situations like the loss of the personal information of 583,000 Canada Student Loan borrowers.

No matter what the requirement is, the good news is that we have a solution that will address it – SecureDoc.

Previous Post
The PC is dead, long live the PC
Next Post
The Cost of Data Loss

Related Posts

Talkin’ to Government

Today marks our first day at FOSE – the annual conference for government technology professionals. In today’s increasingly security-sensitive environment, this conference should provide some good insights as to what’s on the mind of folks working in government and how…
Read more

Wrapping up FOSE

As you saw last week, we were pretty busy at FOSE meeting people, shaking hands and talking about data-at-rest security. It was an interesting show to say the least. (more…)
Read more

Encryption only works if you use it

Once again there’s been a device theft that has left the personal health info (PHI) of 11,000 patients out in the open because the device was unencrypted. But when you look deeper into the problem, the organization did actually have…

Smart Cards, 10 Years Later – Part 2

In my last blog, I left off talking about the different forms of authentication and the abundance of solutions available to enable multi-factor authentication (based on the directive to increase security for user authentication into laptops). (more…)

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.

Menu