F
ull disk encryption (FDE) is tipped to be the top
security technology for IT departments in 2009, but it may not
offer a quick and easy fix.
IT user organisations and security experts warn that while
encryption could keep auditors, regulators and other stakeholders
happy, IT departments should not rush into it.
The biggest benefit of FDE is that it makes it unnecessaryfor
organisations to separate their sensitive data from their
non-sensitive data andit offers protection against all but the most
sophisticated hackers.
It is becoming easier for organisations to justify the cost of
encryption, but many are failing to take time to plan carefully
enough to avoid the pitfalls.
There are still challenges with FDE, but none are insurmountable
says Ollie Ross, research head at IT user group,
The Corporate IT Forum.
Challenges include compatibility problems with existing
applications, user resistance because of the additional passwords,
andthe extended boot times needed.
But organisations can avoid most technical and user problems by
testing and training staff before deploying encryption, says
Gartner analyst John Girard.
Training can explain benefits, manage user expectations and
allow organisations to formalise recovery procedures, and
encrypting at each refresh can avoid lost productivity, says
Ross.
FDE is only effective if companies manage the security
credentials of their staff properly, so policy enforcement is
vital, says Alessandro Moretti, co-chair of the (ISC)2 European
Advisory Board.
ITorganisations cannot dismiss FDE, so it would be best for them
to start moving towards it as soon as possible, saysGirard
Those which recognise that they need to spend time on testing,
training, deployment and management overheads will reap the most
benefits.