Toolbox

Disk Encryption: How to Buy FDE

Characteristics of an effective FDE solution and critical selection criteria, according to experts.

October 21, 2009

Also see the companion article Full Disk Encryption Dos and Don'ts.


Characteristics of an Effective FDE (Full Disk Encryption) Solution

According to IDC, a sister company to CSO's publisher, an optimal FDE system should have the following characteristics:

  • Centrally managed and controlled
  • Rapidly deployed and maintained
  • Policy driven
  • Completely transparent to the user
  • Easily supported by help desk or IT personnel
  • Provide support for removable media
  • Expandable, allowing new managed encryption applications to be added, as needed
  • Extensible, enabling organizations to add managed encryption to existing enterprise applications


Selection Criteria

According to a presentation by Eric Leighninger, chief security architect at Allstate Insurance, selection criteria he used when choosing an FDE system included:

  • Strong key management
  • Storage of encrypted keys separate from encrypted data
  • Controlled views to keying material (separation of duties)
  • Key recovery (onsite, offsite and disaster recovery)
  • Interoperability with enterprise software
  • Support for removable media
  • Low performance degradation
  • Background encryption processing capability
  • Fault tolerance (power outages or user shutdown does not affect encryption process)
  • Support for suspend and hibernation states
  • Compliance with FIPS 140-2, a U.S. government computer security standard

FDE

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Security Directions: A Virtual Conference

Security Directions Available On Demand Sept. 30 - Dec. 30

Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.

» Register Now

WEBCAST
Protecting PII: How to Work with IT to Manage Risk

Compuware Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.

» View this Webcast

Featured Sponsors