Calculating the Cost of Full Disk Encryption

CowboyRobot writes "Is full disk encryption (FDE) worth it? A recent study conducted by the Ponemon Institute shows that the expected benefits of FDE exceed cost by a factor ranging from 4 to 20, based on a reduction in the probability that data will be compromised as the result of the loss or theft of a digital device. 'After doing all of the math, Ponemon found that the cost of FDE on laptop and desktop computers in the U.S. per year was $235, while the cost savings from reduced data breach exposure was $4,650.'"

One click for $235

[flyingfsck]

I am expensive, but not that expensive. I don't charge a customer $235 to click a full disk encryption check box while installing Fedora Linux. Maybe I should...

Re:One click for $235

[Joce640k]

The TCO of is more than the cost of installing it.

Re:One click for $235

[Pieroxy]

Your customer CPU will heat more, and your customer will spend more time in front of his computer waiting for the disk to be accessed. It might be a few ms at a time, but cumulated over a year, imagine !

Anyways, putting a price on something like this is always highly suspect.

How do they get the $4,650 gain anyways?

Re:One click for $235

[gl4ss]

I would think the costs come from electricity and possibly from losing access to your data.

Re:One click for $235

Quote: "The study measured costs in 11 segments: licensing, maintenance, incremental costs, device pre-provisioning, device staging, tech time spent on password resets, end-user downtime spent during password resets, cost associated with re-imaging hard drives, end-user downtime associated with initial disk encryption, end-user time spent operating an FDE-enabled computer, and the value of tech time incurred for various administrative tasks related to encrypted drives. [...] The study found that the most expensive element of FDE is [...] the value of user time it takes to start up, shut down and hibernate computing systems while using FDE."

Re:One click for $235

Security is not something you mess with.

Personally, my data is worth a lot, to me, not to anyone else, I can't put a price on it. Simply because the data on it is personal, irreplaceable, I'd rather have it destroyed than having some one else see it (no, not porn).

A company can. You have 10 million records, they get stolen, class action suit gets you to pay damages 10k for each ...

To be honest this whole computer security isn't even about technology or security expertise or anything like that, it's about money and savings. Companies don't want to back-up their data because of the implied costs, so, they risk it and consider it a financial risk. Same for security.

Re:One click for $235

[hairyfish]

I've been working in IT depts for roughly 20 years and can't remember ever having issues related to "data breach from lack of encryption". Not saying it doesn't happen, but I reckon for most people (outside of finance/defence/govt etc) it's overkill. It raises a question, how much security is too much? Do you have a lock on your front door? 3 locks? 45 locks? If you had 100 locks on your door and only locked 99 of them, would this be considered vulnerable? This is how I think of the security industry. One lock is fine. If that doesn't work, then no amount of extra locks will help. The bad guys will simply break a window.

Re:One click for $235

[DJRikki]

It wont really, GRC.com did a test a good few years ago and showed not much difference and newer chips have AES-256 instructions built in so its a no brainer.

Re:One click for $235

That's kind of a flawed way to look at things imo (no offence intented).

Having 99 locks on the frontdoor is indeed pointless, but that's because all those locks perform the same function. Using (for example) a virusscanner, a firewall and full disk encryption is more akin to having both a lock on the frontdoor but also a fire extinquisher in the hallway. It's a very sane and generally smart thing to have.

On a sidenote, having 2 (different) locks on a door may very well be a smart thing, because a Type A lock has different flaws than a type B lock. Having 2 different kinds means you potentially eliminate a variety of easy exploits that target a specific type of lock. I don't know where the "line" is but i find it hard to imagine more than 2 or 3 locks being a sane scenario for "regular" entrances.

Now it's obviously true that every security measure brings with it a "penalty" if you will, to legit users. For most locks this means the user has to carry a key on him, something most people in the west consider normal and not a high price to pay. Having to remember a PIN code to use your debit card is also a penalty on legit accountholders, but we accept it. Now wether or not full disk encryption is as pricey as the article seems to make out, i dunno, but lets look at the alternatives.

A) Unencrypted drives
B) Certain Encrypted drives/containers/shares/whatever
C) Full Disk encryption

In this day and age (dare i say it, the Information Age) there is a definite demand for encrypting sensitive and important data for almost everyone but the most untrained pc user. This makes option A a bad choice for almost everyone which means the decision is not just about "should we use FDE or not", it becomes "do we encrypt EVERYTHING or just cetain objects" and in order to make that determination you need to look at the price for both.

Let's not forget, simply enabling FDE is a minor act for the sysadmin whose installating the system, and since FDE is transparent to userspace applications, there is very little additional configuration or problems that arrise due to it. It will impact performance of the hardware, however one can take this into account during the purchase of new machine(s) and simply take a slightly faster system to make up for it (if that's even needed, usually it ain't). Only encrypting certain partitions, shares or folders means you have to deal with many additional administrative and training issues. How do you prevent ppl from moving sensitive files from the secure X:\ drive to the C:\ drive, how do you teach the (presumably non-IT) users where they can store which files. Which policies have to be enforced to ensure it all stays on the level. How often (if at all) do you audit the systems for "leaked" senstive files, etc.

I'm not a sysadmin myself, but i do work in IT and have a fair understanding on their job, and to me at a quick glance it appears FDE is a LOT cheaper and easier for everyone involved than encrypting only sensitive files.

Re:One click for $235

[ericloewe]

Considering CPUs these days are pretty much at idle, except for gaming and other niches that actually require that much power, it makes no difference whatsoever. Disk access times are also the same, and if they really are a problem, SSDs are the solution.

Re:One click for $235

[Rogerborg]

The TCO of is more than the cost of installing it.

Gotchya. Now, can you clear something else up for me? Are these the droids I'm looking for?

Re:One click for $235

[smash]

OK. MD leaves his laptop at airport/side of road/in car that is stolen. He has competitive-advantage generating information on there, that would be worth millions of dollars in contracts to a competitor.

We've had staff have laptops stolen, with data like that on them in the past. Do we know that the data was let into the wrong hands? Nope. But it could have been.

Re:One click for $235

[Dodgy+G33za]

Surely if it means a lot to you but not to anyone else then encryption is not as important (if at all) as backing up?

I have lost personal data. I also have a few old and fairly important files kicking around that I password protected many moons ago and forgot the password.

I have chosen not to encrypt, but I have a very solid backup routine.

But then I can't imagine having data that is so personal (and yet irreplaceable) that I would rather lose it than have some random look at it.

Re:One click for $235

[dbIII]

The other side of the coin is managing it properly. For example I've had to restore from an unencrypted backup purely because somebody who was managing their own disk encryption had forgotten how to access their files and needed whatever earlier copies were available as a matter of urgency. If it's not done properly with people at multiple sites having details of how to access the files it's not worth doing at all. An encrypted volume should not be a room full of people that have eaten the salmon mousse away from being permanently inaccessible.

Re:One click for $235

[JasterBobaMereel]

If the information is that sensitive then what is it doing on a portable device in the first place...?

This is like car security, what you have is a tin box on wheels, this can be stolen (Towed/transported) and worked on at leisure, all security can be broken given enough time and resources, it is usually only a case of does the thief consider it worth the time and effort ...

 

Re:One click for $235

[NicBenjamin]

Remember the people doing the actual analysis here were the military. They have much different security needs then you do.

Re:One click for $235

[machine321]

It wont really, GRC.com did a test a good few years ago and showed not much difference and newer chips have AES-256 instructions built in so its a no brainer.

I don't know if quoting Steve Gibson is the best way to make a point on Slashdot.

Re:One click for $235

[Nertskull]

I'm not sure that's what he was saying. Because he says he'd prefer it to be destroyed than others have it.

I'm in the same boat. My data is not really all the useful to others. But I'd still prefer for it to be destroyed than others have it. Just because I keep bank accounts, passwords, etc on my machine. How much can you sell one poor college kids stuff for? Probably not much. But having that level of security, that I KNOW no one else can get into my stuff, is incredibly satisfying.

If I get my computer stolen, I don't worry about pictures of my kids getting to others, I don't worry about my bank accounts or passwords being compromised, I don't worry about my work documents getting put online (I do research, and don't want my discoveries prematurely exposed). I love not worrying about that stuff.

BUT, you are correct. Backup is also EXTREMELY important. I use duplicity/duplicati type implementations. Where I can do incremental backups that ARE encrypted. So even those get encrypted and stored in three separate locations. Now days, encrypting your backups or your system is so easy, I recommend everyone I know do it.

I love my system. And I wish more people encrypted and backed up their stuff regularly. The peace of mind is worth it. My data is always safe from failures and intruders, whether it be one my system at home, or my backups in other locations throughout the country.

Re:One click for $235

[Alan+Shutko]

I've gone paperless, so I have tax returns, medical info, SSNs, etc on my laptop. Full Disk Encryption means I don't have to worry about it.

With FDE, you have to decrypt it every time you use the computer, so you're not going to forget the password. If you're worried about that, put the password on a piece of paper in a safe deposit box or some other type of storage at home.

Re:One click for $235

This is NOT multiple locks on the same entry point. The "window smash" in this case is just grabbing your device and running off rather than trying to figure out your password(front door lock). You're protecting your precious QuickBooks data and family photos even when the window has been broken. They'll just have to reformat. It costs you almost nothing, so there's no good reason NOT to protect the data.

Re:One click for $235

[NicBenjamin]

Perhaps he's doing scientific research in the field, or he's got multiple labs. Perhaps the company knows somebody is leaking data from it's network to it's competitor, therefore putting it on multiple desktops that are connected to the company network 24/7 would be bad security. Perhaps the employee is a dick who'll make everyone's life miserable if he can't do his job from his laptop.

And of course, this story is about the military. They can't lock all their sensitive info into a date warehouse in DC. They actually have to use it, in places where you can't get reasonable data speeds even if you get a network set up.

Re:One click for $235

[NicBenjamin]

Damnit I didn't read the article properly. It said Ponemon, and I thought Pentagon.

Re:One click for $235

[NicBenjamin]

Ignore the last paragraph. I could have sworn the Pentagon did the study, but turns out it's Ponemon Institute.

Re:One click for $235

[arth1]

I've gone paperless, so I have tax returns, medical info, SSNs, etc on my laptop. Full Disk Encryption means I don't have to worry about it.

No, that's not what it means. Your data is only safe in that situation if you can guarantee that the encryption key is safe. If, as in most implementations, it is stored on the disk itself, only protected with a password, you're no safer than that password, no matter how strong the actual encryption is.
Did you type it in while at the hotel, trusting them not to have a camera?

With FDE, you have to decrypt it every time you use the computer, so you're not going to forget the password.

Well, that's reassuring.

Re:One click for $235

[The+MAZZTer]

You forgot the cost of data recovery after they forget their password.

Re:One click for $235

[rjr162]

Layers my friend. You just said it yourself without realizing.

This isn't like have 100 locks on the front door. That'd be like having 25 AV apps running on your machine.

This is like instead of having 99 locks, you use two different types (regular lock on the handle and a dead bolt or something along that setup) and then ALSO install bars over the windows.

It's also like having a solid door with lock LOCKED at the top of your steps from the basement, just in case someone forgets to lock the basement door or for whatever reason someone gets in (broken window the squeezed in etc) theres another obstacle to them getting into the main area of the home where you and your family are.

Or to put it another way, this isn't like having 40 fire extinguishers in your kitchen closest, but more like having a few around the house, plus smoke detectors (ion and photo styles or both in one unit) on all levels and in the attic.. And if you have a furnace a carbon monoxide detector in the basement and room above the furnace plus a Heat detector in the area of the furnace etc. (oh and also working with your family on how to get out in such an emergency). (or go all the way and do a sprinkler system)

While the chance of a fire may be small, and it may appear excessive... *should* one occure your ass was prepared and covered and was able to deal with the issue and minimize the damages.

Re:One click for $235

[Lonewolf666]

Errors happen. At first glance I thought "what, Pokemon Institute?".

Re:One click for $235

[arth1]

I thought that the Manning incident showed that the real problem isn't the security, but that people have access to data.
People can never be trusted. There's no way to divide the world into the trustworthy and the untrustworthy. Reactionary witch hunts isn't going to stop humans from doing unpredictable things - with bad intent, or good intent.

This isn't the 1940s where nations intercept radio transmissions, decrypt them, and at their leisure can bomb your submarines as a result. This is 70 years later, where most intel is (or should be) outdated in minutes, not days.

Re:One click for $235

No, that's not what it means. Your data is only safe in that situation if you can guarantee that the encryption key is safe. If, as in most implementations, it is stored on the disk itself, only protected with a password, you're no safer than that password, no matter how strong the actual encryption is.

Why, of course. But if you do not encrypt, you're no safer than ... uh ... you're not safe at all because an intruder doesn't even need your password to read the data off the disk. Yes, the safety is limited by the password but that's still a huge improvement over non-encrypted setups.

Re:One click for $235

[smash]

You do live in the real world, and deal with real world CEOs right?

Re:One click for $235

[__aagbwg300]

You think that's bad? I thought it was done by the Pokemon Institute.

Re:One click for $235

[DJRikki]

Glad I didnt quote him then ;) Using a stop watch though does seem to fall within his abilities ... barely.

Re:One click for $235

[gnasher719]

The other side of the coin is managing it properly. For example I've had to restore from an unencrypted backup purely because somebody who was managing their own disk encryption had forgotten how to access their files and needed whatever earlier copies were available as a matter of urgency.

Apple found that the most common problem is this sequence: User turns on encryption, user is asked to create a password, drive is encrypted, user never wrote down or remembered the password. There is a simple user interface change avoiding this problem.

Re:One click for $235

[carpefishus]

"lock on the frontdoor but also a fire extinquisher in the hallway" I would have preferred a car analogy.

Re:One click for $235

[bzipitidoo]

The data you're talking about is not private. SSN, seriously? What stinks about something like the SSN is that you are told you have to both keep it secret, keep it away from identity thieves, and you are frequently required to give it out in plaintext for all the things the identity thieves also want to use it for. How many times now have we heard of some company database breach that leaked thousands of customers' credit card numbers and other "sensitive" info? What really is the point of signing your name, when your signature is so easily obtained and forged? It's pure security theater. The system is seriously flawed at a fundamental level. The reason your info is not all over the place is not because you've guarded it well. You can't protect data that's already in many other hands. It's because most people are honest and don't have any use for it.

Banks and governments and the like ought not to rely much on such publicly known information to authenticate people. We're seeing some progress with the availability of one use credit card numbers, but we need a lot more. We could do some kind of digital signature algorithm on a credit card sized device, fairly cheaply. But evidently not so cheaply that banks feel it's worth doing. At the least, they shouldn't expect you to guard those numbers as if they're a huge, important secret. It was certainly made important to you, but it isn't a secret. FDE is overkill for that, but if you're more comfortable using FDE, go for it. Just don't kid yourself that it protects your SSN.

Re:One click for $235

[Just+Some+Guy]

If the information is that sensitive then what is it doing on a portable device in the first place...?

I don't have information that sensitive by a long shot. But I'm currently a contractor who provides my own laptop and I do have some of my employer's sensitive information - pricing plans, campaign strategies, etc. - on my personal computer because that's what I use to do the work for them. I have OS X's full drive encryption enabled and a two-day-old encrypted Time Machine backup at my house. If my laptop gets stolen on the BART, bummer. I have to go fill out a police report, file an insurance claim, and do other inconvenient stuff. And when I bring my new laptop home, I restore it from the backup and I'm up and running again a couple of hours later. The thief has my hardware but not a single byte of my personal or employer's information.

That's a nice situation to be in. If I did lose my laptop, I can tell my supervisor "sorry for the inconvenience while I get a replacement. Don't worry, though; your stuff is locked up and the thief can't get to it." That is infinitely preferable to the alternative of "umm, we might have a problem."

Re:One click for $235

[Shoten]

The TCO of is more than the cost of installing it.

Joce640k is spot-on, and I'll elaborate. Do you really think that most users are capable of being just fine on a Fedora-based laptop? That users will never forget the credentials to decrypt their hard drives? Or that things won't go wrong...like a bad sector, for example? Support and recovery are the most expensive parts of disk encryption, by far. Additionally, in most situations where encryption is in use, there are regulatory mandates like FIPS or PCI DSS in place, and thus there's a need to provide reporting to demonstrate compliance. Checking a box in Fedora is nice, but doesn't give you the management capability and reporting that you get from a commercial solution that has a central point of management. So for a user or two, sure...check the box. For a company or a part of a company? Get a real solution that's manageable at scale.

Re:One click for $235

[bschorr]

It happens quite a bit actually and FDE is an easy and inexpensive way to protect your firm. It's a heck of a lot cheaper than sending letters to all of your customers telling them you may have just lost their personal information.

Re:One click for $235

[Cederic]

I reckon for most people (outside of finance/defence/govt etc) it's overkill

For most people it possibly is. In Financial Services it's an excellent way to prevent the regulator fining you (for far more than the cost of installing/managing it) due to data loss.

You also need to factor in the reputational cost of losing sensitive customer data, whatever industry you're in.

Seriously sensitive data is rare within an organisation, but large volumes of any data tends to have significant value - otherwise people wouldn't pay the costs of collating and maintaining it.

Re:One click for $235

[slew]

handbrake, parking brake?
primary and secondary brake shoes?
primary and secondary brake pistons and fluid reservoirs?
seatbelt and airbags?

Re:One click for $235

[Lord+Ender]

You may have been in IT for 20 years, but you haven't worked at a level that gives you much exposure to security, clearly.

"Data breach from lack of encryption" is a common problem. From a legal standpoint, data on an unencrypted laptop must be assumed leaked if the laptop is stolen or lost. So when HR loses a laptop and has to buy the whole company credit monitoring - that's an expense saved by FDE. The problem is much worse if you have customer data or data worth stealing.

Is one lock enough? Fuck no. The principle of defense in depth exists for a reason. Because in the computer world locks are constantly being picked and break for no reason. You need multiple overlapping (not identical) security measures or you are already owned.

Re:One click for $235

[RedBear]

I've been working in IT depts for roughly 20 years and can't remember ever having issues related to "data breach from lack of encryption". Not saying it doesn't happen, but I reckon for most people (outside of finance/defence/govt etc) it's overkill.
It raises a question, how much security is too much? Do you have a lock on your front door? 3 locks? 45 locks? If you had 100 locks on your door and only locked 99 of them, would this be considered vulnerable? This is how I think of the security industry. One lock is fine. If that doesn't work, then no amount of extra locks will help. The bad guys will simply break a window.

Holy cow that was the most retarded post about encryption that I think I've ever read here, yet somehow it got modded +5, insightful. WTF, Slashdot?

The password you use to login to your computer is like a door lock. Too easily bypassed.

Full Disk Encryption is like building your entire house out of 6 inch thick plate steel, with plate steel shields that descend to protect the doors and windows when you lock the house. And the bad guys only have their hands, feet and a nail file to use to break in with. Overkill in the physical world? Yes. But in the digital world it now costs about the same as not doing encryption, and makes it thousands of times more difficult for the bad guys to get your data.

Your understanding of the relative benefits of digital security vs physical security is really terrible.

Re:One click for $235

[RNLockwood]

My first thought was that FDE which is required on all notebooks at the agency where I work has now made the startup time go from (a long) very few minutes to an excruciating 15 minutes, more or less. For instance it takes that long for the systems calculations of mouse cursor postion to agree with where it appears to be to me and I can't really do any work on the computer until it settles. The passwords are awful, too. I keep mine in an encrypted file on my smartphone - if I remember. Gotta put the username/password in twice, too; once for FDE and once again for Windows (but it used to be three times so that's progress of a sort.)

Re:One click for $235

[pepty]

FTA:

The study found that the most expensive element of FDE is not the hardware or software involved, but the value of user time it takes to start up, shut down and hibernate computing systems while using FDE

Re:One click for $235

[arth1]

Why, of course. But if you do not encrypt, you're no safer than ... uh ... you're not safe at all because an intruder doesn't even need your password to read the data off the disk. Yes, the safety is limited by the password but that's still a huge improvement over non-encrypted setups.

But not nearly as safe as keeping the key external, not just a password that can be cracked at the leisure of anyone with access to the HD or a copy of it.

To feel safe, as the GPP said, I think TPM, a fingerprint reader and a required password, all combined, would help. Just a password? Not so much.
But then again, it depends on how strong the desire or need is to keep the data confidential. Some might want a polarized display filter too.

Re:One click for $235

[CmdrMcGriddle]

Well its not for every computer in the org. It depends on what the machine is used for and what data is stored on it instead of a server. Good network storage and security can go a long way. Like say, using what has been in windows since NT 3. Time of day restriction. If the regular user / cubicle dweller does not access the office or remote in out side of normal hours then disable that pc's and local account and remote access for out of hours. It SOUNDS like a lot to manage, but it is just a bit of labor, no need to buy anything new.

Re:One click for $235

Where I work, our auditors frequently store PII. They're given encrypted Ironkeys and their laptops are encrypted with FDE. We've had no less than two laptops stolen from auditors, and one Ironkey that came up missing since I've worked there. All with PII that, if it had been unecrypted, we'd have had to notify a shitload of people as to the data breach. Being as this is a state office, I'd prefer to not have to deal with the backlash. It does, most definitely have its place.

Re:One click for $235

[dkf]

I've gone paperless, so I have tax returns, medical info, SSNs, etc on my laptop. Full Disk Encryption means I don't have to worry about it.

As long as you also have backups (with whatever encryption on them that you desire/need) as well, you're right. But don't underestimate the power of disks to fail. I've had a disk fail on me once, and I only lost a week of work (and thankfully most of that was committed to an external source repository, so it wasn't actually lost at all) because I had a backup on an external device. If you're keeping stuff that it is important to retain a copy of, make an extra copy. (Do it, do it today!)

Data security is not just about protecting against malicious humans.

Re:One click for $235

[haruchai]

Let's not forget that it has to work and the admin has to know that it's working properly.
This is not a trivial task.
We use WinMagic's SecureDoc on 10,000+ Windows PCs and while it's worked pretty well, we've had a spate of unusual problems - users hibernating their laptops at the office, going home and then being unable to resume or thousands of PCs that were supposed to have only read-access to USB keys / external drives suddenly having full or partial write access.

There's also an overhead, significantly higher than what the vendor claims, that is clearly demonstrable between an encrypted and unecrypted PC - our best guess is an interaction with McAfee.

Re:One click for $235

[dkf]

Did you type it in while at the hotel, trusting them not to have a camera?

Why are you taking high-security data to a low-security location in the first place? You fail Security-101.

Re:One click for $235

[icebike]

I love my system. And I wish more people encrypted and backed up their stuff regularly. The peace of mind is worth it. My data is always safe from failures and intruders, whether it be one my system at home, or my backups in other locations throughout the country.

Chances that your data will be stolen over the net probably exceed the chance of physical theft by a factor of 10.
Full disk encryption doesn't help this, and anything that can be foisted into your system will have disk access.

This is where the fallacy in TFA manifests itself.
The risk is the network connection, not the drive.

Re:One click for $235

Did you type it in while at the hotel, trusting them not to have a camera?

CSI is not a documentary. Camera resolution is limited, and if the camera is in the wrong place, the cute blonde chick can't just say "rotate ... enhance ..." to move it to the right place after the fact.

Simple facts in reality:

1. Full-disk encryption with a strong password completely protects you against a number of realistic threats, such as a sophisticated criminal acquiring your laptop from a thief and using private information to conduct identity fraud.
2. It does not protect you against everything, but the remaining threats are relatively unlikely.

A seatbelt won't help you much if a building collapses onto your car, but that doesn't mean seatbelts are worthless.

Re:One click for $235

[Rich0]

Does Fedora actually support passwordless full-disk encryption (ie the key is in the TPM)?

This can certainly be done on Linux, but the only "distro" I've seen that uses it is ChromeOS. Actually, I'm not completely certain that it even uses it (profiles might just be encrypted with the Google password - which isn't nearly as good).

Most distros just use LUKS, and that isn't nearly as good as full-disk encryption. If the user forgets the password (or refuses to give it to the computer owner) the drive is lost, and so on.

Re:One click for $235

You think that's bad? I thought it was done by the Pokemon Institute.

Pokemon/Ponemon, can't it be both?

Re:One click for $235

[TarPitt]

Full Disk Encryption means I don't have to worry about it.

Until a minor disk flaw renders the entire drive unrecoverable

Re:One click for $235

[arth1]

1. Full-disk encryption with a strong password completely protects you against a number of realistic threats, such as a sophisticated criminal acquiring your laptop from a thief and using private information to conduct identity fraud.

"completely"? I would think that a sophisticated criminal would be able to run truecrack or similar against it - or even rent a botnet or cloud service that does it for you.

Re:One click for $235

[Tetch]

MOD PARENT UP

It's the least we can do to make up for the lousy moderation he's quite rightly complaining about.

Re:One click for $235

[smash]

Thats exactly the sort of information I'm talking about. Our internal expenses, pricing plans, strategy etc would be a huge advantage for a competitor to get hold of.

I would suggest that your average MD / CEO will have all sorts of similar information in their Outlook OST file, PST files, spreadsheets and draft word documents. They tend to work on information such as this (even checked out/cached versions of the network share) whilst on the road.

If you think the typical high level business stakeholder doesn't have similar stuff on their laptop, you're deluded.

Re:One click for $235

[tlhIngan]

I am expensive, but not that expensive. I don't charge a customer $235 to click a full disk encryption check box while installing Fedora Linux. Maybe I should...

I understand full disk encryption, but actual usage of a customer provided laptop (to meet their security requirements) has given that cost to be on the "low' end.

First, we've suffered odd "delayed write failures" on Windows when we acquired a set of brand new i7 laptops. It mostly affects our VirtualBox disk images, and gotten so bad some of my coworkers lose half a day while they delete the old disks, reinstall the VirtualBox Appliance image (which lays down a preinstalled OS image so we're up faster) and reconfigures everything, including removing the appliance provided disks and restoring a backup of the disk files. IT did some things which mostly restored things, but it took several days.

Next, we came into some oddball BSoDs which IT a week later figured it was an interaction between a Windows update, the disk encryption software, and the virus scanner. Worse yet, not everyone saw the BSoD - as part of the investigation in the first issue, my system got updated to the new virus scanner which solved my delayed write failure problems. So I never saw that, while IT was figuring it out.

In the end, the blame fell int he combination of FDE software, antivirus, and monitoring software.

Of course, they don't use TrueCrypt, which I think would've solved half the problems...

Re:One click for $235

[Tastecicles]

a bullet would render any drive unrecoverable, encrypted or not... your point?

Re:One click for $235

[Havenwar]

If people want my DATA enough to go after me with a wrench, I'll give up my password before they even lift it. Well, either that or I've gotten involved with something really fucking weird. Anyway, that's not the standard use-case here... People want my laptop. It's expensive. Odds of getting my laptop stolen are a lot higher than anyone taking half an interest in what's on it.

But when they've stolen it, I'd rather they were forced to do a re-install to use it, rather than give them for free, without an effort, the bonus of banking details and personal information as well as private correspondence, which they are likely to stumble on while looking for my porn stash. (Not that I bother hiding it.)

These people won't be coming after me with a wrench to find out what's on the encrypted drive... they'll re-format and move on. Anything they would have found would have been a bonus, but it was the hardware that lured them into it from the start and that's what they'll focus on. Meanwhile if I'm encrypted I get a new machine on the insurance, restore from backup, and is safe and sound. If my data was unencrypted... well, then I'd have to go through the process of changing every password, securing my finances as best I can, protect myself against fraud and identity theft, and explain the loss of private pictures to the people on them, and so on.

I don't think you are quite assessing the right risks here. It's not about being safe in the extreme case of people wanting your data, it's about your data being safe in the much more likely case of someone getting access to your hardware.

Re:One click for $235

[Havenwar]

Yes, but with a strong password they can keep doing that for the rest of your natural life and still not get in. So it's a non-issue.

Re:One click for $235

[citation needed]

Re:One click for $235

Sorry, that's classified.. All I have is the long trail of past abuses already published in your mass media rags. You can google it your own damn self!

Re:One click for $235

[bluefoxlucid]

You're silly. Nobody is going ot physically steal your shit. They're going to hack your computer and take it while the disk is decrypted by the OS drivers.

Re:One click for $235

Truecrypt, for example, uses salted passwords.

"512-bit salt is used, which means there are 2^512 keys for each password. This significantly decreases vulnerability to 'off-line' dictionary/'rainbow table' attacks (pre-computing all the keys for a dictionary of passwords is very difficult when a salt is used) [7]

i wont contest your xkcd link and its implications...most casual people wont go and setup dual booting partitions with a real and fake OS with partitions overlapping each others REAL data--too complicated, and easy to screw your data.

Re:One click for $235

U have all this stuff on your drive, encryption, firewall, AV, antimalware etc. But check virustotal, most of the bots are only caught by 50% on avg or less of AV products. That means no matter what the bad guys odds are 50-50 of getting a piece of malware on your system. If that malware is a bot or netcat or a trojan makes no difference. You boot up and unencrypt your disk, the malware is now looking at unencrypted data and with the export options on modern bots your data is gone no matter what. The only good is if you lose your laptop, AKA leave it on the curb as you jump in your cab to head to the airport!

ole bin Login.

Re:One click for $235

[lsatenstein]

I've gone paperless, so I have tax returns, medical info, SSNs, etc on my laptop. Full Disk Encryption means I don't have to worry about it.

With FDE, you have to decrypt it every time you use the computer, so you're not going to forget the password. If you're worried about that, put the password on a piece of paper in a safe deposit box or some other type of storage at home.

What happens if your computer mother-board is fried, and you buy a new machine, plug-in the encrypted hard disk as a second drive?

Does the system ask for a password when it should be mounted? Realise it is not the primary boot disk

Re:One click for $235

It took me three goes to realise it didn't say "Pokemon" !!!

Depends on the data, doesn't it?

Doesn't it make a HUGE difference what that data is?

Re:Depends on the data, doesn't it?

[Joce640k]

Heretic!

Re:Depends on the data, doesn't it?

[Antarius]

Why do we need to encrypt an 18 year old game that has had the source code released? ;-p

Re:Depends on the data, doesn't it?

you wouldn't want others to notice that you're cheating, do you?

Truecrypt TCO

[nereid666]

Does it cost Truecrypt TCO $403 year? for a company with fewer of 50 employees? I know Trucrypt don't have, enterprise functionality, like admin and user password, integration with identity management, but I thik 403$ year only in support and maintenance, using this opensource and free solution. And It is very difficult to meause the value of the information of a laptop.

Re:Truecrypt TCO

[neokushan]

Truecrypt is fantastic software. I find it's a lot easier to use and understand than Microsoft's Bitlocker (What's that about a TPM module? Do I need a USB stick or not? So many questions!) and it just works.

Re:Truecrypt TCO

[bertok]

The main difference between Truecrypt and Bitlocker is that the latter allows transparent decryption, which is very hard to solve without special hardware (TPM). Additionally, Bitlocker has automatic key escrow to Active Directory, but Truecrypt can only do the same kind of thing manually, which is useless when managing large numbers of computers.

If you can trust your users to remember passwords, Truecrypt is much more secure. Similarly, Bitlocker can be made more secure as well if you set it up to require a passphrase during boot, without which it keeps the unencrypted key on the machine. The TPM chip is supposedly tamper-proof, but I bet there's at least one three-letter agency with a back door!

Re:Truecrypt TCO

[DamnStupidElf]

If you can trust your users to remember passwords, Truecrypt is much more secure. Similarly, Bitlocker can be made more secure as well if you set it up to require a passphrase during boot, without which it keeps the unencrypted key on the machine. The TPM chip is supposedly tamper-proof, but I bet there's at least one three-letter agency with a back door!

The TPM is worthless as long as the consumer hardware and operating system are piles of security vulnerabilities. Once the TPM has given up the keys to the OS it's usually trivial to find a privilege escalation or dump the RAM with a firewire/PCI device or just do a cold-boot attack.

Real Costs

[HateBreeder]

Did he factor in the costs of the reduced IO performance?

Re:Real Costs

[M1FCJ]

Compared to the disk transfer rates, negligible.

Re:Real Costs

[pthisis]

At least partially:

"The study found that the most expensive element of FDE is not the hardware or software involved, but the value of user time it takes to start up, shut down and hibernate computing systems while using FDE. "

But this study doesn't pass the smell test. Take this, for instance: "The cost savings from reduced data breach exposure was $4,650." Imagine that FDE takes the risk of data breach on a stolen disk from 100% down to 0%. And imagine that any given computer has a 1% chance each year of being stolen by someone who's going to exploit the data on it (rather than just reformat it and sell or use it). Both of those are very generous estimates.

The average value of a lost computer to my company--either in terms of profits lost or competitor's profits gained--would have to be $465,000 for the math to work. Which as a median doesn't make sense.

If it's a mean, it only makes sense because there are a handful of computers whose value is tens or hundreds of millions of dollars counterbalancing the vast array of other computers worth far less--but if that's the case, the right solution probably isn't to lump all machines together for analysis purposes, it's to segregate out the high-value targets and treat their security differently from the low-value targets.

Re:Real Costs

Not when you're using an SSD.

Re:Real Costs

[felipekk]

Another important question is "Who pays for each of those figures?".

The user obviously "pays" for the $235 dollars in TCO, but if the government/industry is the one paying for the $4650 then we have a disconnection between the interested parties, which could make it harder to convince the consumers to adopt this technology.

Re:Real Costs

[neyla]

Agreed on the smell-test. No matter how good a security-measure is, it cannot save more money than is lost without it. (i.e. the best possible security is 100%)

Thus for FDE to save $4650/computer/year, the current cost of data-loss that would be avoided with FDE must be atleast the same amount.

There's about 100 million computers sold annually in USA, essentially none of which have FDE. The average computer is used for atleast 3 years. The total *current* cost of data-losses must thus be atleast: 100M * $4650 *3 = $1395 billion/year.

That doesn't pass the smell-test. It would mean the losses add up to $12500 a year for each household, which is utterly ridicolous.

Re:Real Costs

[MtViewGuy]

That would be true in the past, but today with most hard drives running Serial ATA-II interfaces, the performance hit is not as bad as it used to be. And with SSD drives, the performance penalty is negligible.

Re:Real Costs

[smash]

Depends on your CPU. Modern CPUs with AES in hardware can likely do SSD transfer speed at line rate.

Re:Real Costs

[smash]

No, those are POTENTIAL losses. And in a $13tn economy, potential loss of 1.3tn if every computer in the economy was compromised and data was leaked doesn't sound unreasonable?

Re:Real Costs

[leehwtsohg]

Well, you have to also include the gain to the competitors.

Re:Real Costs

[pthisis]

According to the article, they're the average actual losses, not potential. If the potential losses were $4650 and the actual annual cost of FDE was $235, then you'd need to believe that every computer has a 5% chance of being stolen and exploited every year in order for FDE to be worth it; the article would have to conclude that FDE isn't worth it for the average machine in that case.

By ginning up a ludicrously overstated actual loss, though, they're able to make FDE look like a total bargain--at least until you start thinking about it enough to realize the numbers are cooked.

Re:Real Costs

[Zero__Kelvin]

In which case disk I/O really isn't your bottleneck anyway, now, is it?

Re:Real Costs

test

Re:Real Costs

[tomhath]

1% chance each year of being stolen by someone who's going to exploit the data on it (rather than just reformat it and sell or use it)

A 1% chance of a lost or stolen laptop might not be out of line. This study was about protecting corporate data, not Aunt Minnie's recipe collection. You need to assume the data will be exploited if it can be.That means investigating what was on the drive, changing passwords, possibly informing various government agencies, etc. The cost of lost financial or medical data adds up very quickly even if the machine was wiped and sold on eBay.

A company I worked for about 10 years ago did a full audit of all PCs; they couldn't find somewhere around 25,000 machines. Lost, stolen, misplaced, decommissioned and scrapped with no record, etc.

Re:Real Costs

I *might* be convinced that 1/20 computers is compromised/stolen every year. But.. most of the time it's sold on ebay or used to send spam. Not any sort of corporate espionage or anything of the sort.

Re:Real Costs

The probabilities are obviously not weighted as you imply, though. Simply taking an average without respect to whom or what it applies to is as senseless as it is wrong. Of an entity's computers which contain data whose loss could be used to cause economic loss or harm, a trivial percentage would comprise a majority of that potential damage. This means that for a large percentage of their computers that have something of value worth protecting, the cost of encryption is not an average, but the sum of their potential losses combined across all computers subtracted from the total cost of application. The actual cost can then be understood to be that difference, with appropriate adjustment for time as the values of the data and the costs of maintaining encryption change. Not to kid too much, but this kind of preventative care doesn't seem to be highly tolerated in the US.

You applied an average to every computer that exists without considering whether all those computers met conditions that would require the use FDE, and it's the difference between each person in the US getting a share of the financial industry bail-out money and it going to a few select financial corporations.

Re:Real Costs

[Just+Some+Guy]

The average value of a lost computer to my company--either in terms of profits lost or competitor's profits gained--would have to be $465,000 for the math to work.

Unless you work in a regulated industry that can fine the living crap out of you for releasing confidential information. OK, OK, stop laughing. I know that anyone wealthy enough to have access to that much personal information will be wealthy enough to get a written warning instead of a fine, but hypothetically they could be penalized.

Re:Real Costs

No surprise given that the study was sponsored by WinMagic, a provider of FDE. So much for neutrality...

Re:Real Costs

[neyla]

That's not true. If that was the case it'd make no sense comparing the *actual* costs of FDE ($235/computer/year) with the *potential* losses. You'd need to multiply the latter with the estimated likelihood of that loss to get an average loss, and the study makes no such attempt, instead it concludes that FDE is a big win because $235 is less than $4650.

Ponemon Institute

A recent study conducted by the Ponemon Institute shows that the expected benefits of FDE exceed cost by a factor ranging from 4 to 20

But it's definitely worth it if you don't want your Ponedex to be stolen.

Am I the only one that read...

[yourtallness]

A recent study conducted by the Pokemon Institute... :-P

Re:Am I the only one that read...

Nope. And I specifically opened up this article to see if anybody else did too.

Re:Am I the only one that read...

Yes.

Re:Am I the only one that read...

A recent study conducted by the Pokemon Institute... :-P

What's vastly more worrying is that I did read it as Pokemon institute, but thought nothing of it until you pointed it out.

Re:Am I the only one that read...

Well, you see, they call me the Pokemon Professor, but I'm also an expert on FDE and security systems; that's a long story involving Ash's Porygon and an epilepsy epidemic. Now, for the real question:

Are you a boy? Or a girl?

Re:Am I the only one that read...

Same here.

Re:Am I the only one that read...

[Psychophrenes]

+1

User still a risk point

[N1AK]

One issue with IT security is that policies and security measures like this are only one small part of the picture. My partner works in a government affiliated company and has to use FDE for all PCs. Because of how they have implemented it they virtually all still use the default key (which wasn't random) and if you change it then you thwart the original intent of having quasi-hotdesks.

Passwords written on desks, stuck to the screen etc are common in many places. Sending files off-network to places like dropbox or email to get around security 'hassles' is widespread. The owner of my current firm wants to use an iPad, because we won't let it on network he does most email from a web email account!

FDE with rubbish passwords is entirely pointless as anyone with motivation to get in can. If you start requiring complex passwords the risk of people writing it down and storing it with the PC increases. We need to stop thinking about security as a technical issue and work out how to produce 'secure enough' systems which users don't subvert or misuse.

If removing security breaches is worth nearly $5k a year then surely using some kind of RFID security card that must be near the PC/Laptop to unlock would be cost effective. I could keep it in my wallet or as a keyring. Even better would be combine it with a RSA style password device for two-factor authentication when providing a password (thus making less complex passwords less of an issue).

Re:User still a risk point

>> The owner of my current firm wants to use an iPad, because we won't let it on network he does most email from a web email account!

This is why people hate IT.

He's the owner. You put his iPad on the network and you deal with it. His job pays for your job. By not letting him on, you are compromising the firm, and your employment.

Re:User still a risk point

But if you allow his iPad on the network then he might actually be fired because it's not an approved device...

This is not the problem with IT... Management says X.. IT enforces rule X.. Employee gets angry at IT for following management's rule X.. Even if the employee is management himself then he should have brought it up before implementing rule X.

IT makes stuff work, they test stuff to make sure stuff don't cause problems with the rest... When random employees connect their private laptops/phones/tablets your network will be wide open to the rest of the world... This is why it's good to have a policy that says that you are only allowed to connect company approved devices since they will be maintained (antivirus/firewalls/security updates etc)...

So next time the owner says something like that you just reply back with:
'Well, your rule X does not allow this. To get around this we could propose Y while keeping rule X but this would cost $z. Do you want us to do it?'

On the other hand... If you are a IT manager and have a set of rules, maybe enforced due to government work, it can actually be your head that rolls even if it was the owner of the company that forced you to do it.....

Re:User still a risk point

[VoiceOfSanity]

Let me state that the company I work for had not one, but two instances where the loss of a non-encrypted device could have potentially led to a data breach. In this case the data was personnel data for the company, some 100,000+ employees. *THIS* is what forced the company to do a company-wide encryption of all computers, including servers. Yes, it meant a slight slowdown when data was being accessed and decrypted, but it was better in the long run for protection of company information.

The use of full disk encryption is just one layer of security the company has installed. By itself it gives a measure of protection, but in combination with others (such as disabling user name/password login for Windows 7 and making people use a card and a PIN to log into the computer) minimizes the chances of another loss of data. It doesn't fully eliminate it, but it reduces it significantly.

As for recovery of data on an encrypted drive, we have to send that drive to a group within the company, who are the only folks allowed to have the necessary keys for decrypting a drive. The previous software (which was used on Windows XP) had a challenge/response code that needed to be entered before decryption, but the new software under Windows 7 is locked down so that local IT support cannot decrypt a drive. Yes, it's an expensive package, but the company is willing to spend the money considering how much in proprietary and government information they have to keep controlled at all times.

Re:User still a risk point

[Phroggy]

...Surely using some kind of RFID security card that must be near the PC/Laptop to unlock would be cost effective. I could keep it in my wallet or as a keyring.

Or affix it to the laptop with a piece of tape, so you wouldn't have to worry about not being able to get your work done in case you forget your wallet or your keys. :-D

Re:User still a risk point

[Just+Some+Guy]

My partner works in a government affiliated company and has to use FDE for all PCs. Because of how they have implemented it they virtually all still use the default key (which wasn't random) and if you change it then you thwart the original intent of having quasi-hotdesks.

That kind of stuff drives me crazy. OS X's FileVault does this right by 1) encrypting the drive with a user's own password, so they pretty much have to remember it, 2) providing a recovery key that IT can store somewhere for later recovery if the employee gets hit by a bus, and 3) optionally registering the recovery key with Apple so that they can decrypt it for you (which might be nice for non-paranoid end personal users, even if most companies wouldn't want to use it).

Here's more information about enabling FileVault. While I've mentioned FV a couple of times in these comments, I'm not in love with it or anything. It's just that it works well and conveniently, and if other manufacturers can't do the same, then it's a problem with their implementation and not the concept in general.

translation

[Hazel+Bergeron]

'After doing all of the math,

"After applying some simplistic formula"

Ponemon

"the guy promoting his firm with this /. article"

found that the cost of FDE

"without specifying any important parameters such as number of computers or environment in which they are used"

on laptop and desktop computers

"but noting that some were laptop and some were desktop because that makes the result sound a little more convincing"

in the U.S. per year

Encryption is a lot more expensive in Scotland. They can always look up yer kilt and ken yer keys!

was $235,

If this were a porn moneyshot, TFA author would now be panning away from the dick and squirting liquid soap everywhere, seemingly drenching the victim.

while the cost savings from reduced data breach exposure was $4,650.

Or $100,000, or life imprisonment, depending on your particular situation. Statistics: on average, not very useful.

Re:translation

[ciderbrew]

SPOILER ALERT PLEASE

If this were a porn moneyshot, TFA author would now be panning away from the dick and squirting liquid soap everywhere, seemingly drenching the victim.

You mean it's not real???

Re:translation

I 3 your post

Re:translation

[AmiMoJo]

In other news a car manufacturer calculated that it would be cheaper to pay compensation to people killed by faulty parts than to issue a recall.

Clearly the cost of a data breech needs to be much, much higher.

Re:translation

It was when I did it to my girlfriend, anyway.

Re:translation

[fustakrakich]

"Safety doesn't sell" - Lee Iacocca

I'm rich!

[mwvdlee]

...$235, while the cost savings from reduced data breach exposure was $4,650.

I've got an old laptop lying around that's not doing anything.
Last thing I did with it was a clean install of a win8 beta.
You say if I encrypt it's harddisk, it saves me over four thousand US$?

Re:I'm rich!

[smash]

Yup, it will pay for 3 new machines with AES in hardware!

Re:I'm rich!

Yes. You go, girl!

Re:I'm rich!

Not you, but to others, yes. I work in the healthcare industry (well, what's left of it after Obamacare, but that's another discussion entirely). Patient health information does not exist outside of an encrypted environment, and with good reason. A breach that leaks unencrypted patient data can net you fines out the wazoo, enough to make a huge impact to the bottom line of a large hospital or cause a smaller one to file bankruptcy.

Average or median?

[teg]

It would be interesting to see the median cost savings, vs. average cost savings. For most, I'm guessing that the cost would be rather low - less than the cost of new hardware and setting the system up again if you lose it - but that you have some extreme outliers.

That said, for OS X, Red Hat Enterprise Linux (and similar for others, I'm sure) and Windows 7 it is trivial to enable.

I use Truecrypt

It's free, it makes no noticeable slowdown of my PC (fully encrypted with a long long long password) and I have peace of mind that if the PC gets stolen, I've lost nothing critical, just a compuiter. I don't believe the costs are anywhere near the claims, even for a Sys Admin to run True crypt on a machine.

I truecrypt everything, all my flash keys, backup external HD's etc.

Also that's not how you spell 'Pokemon':
"A recent study conducted by the Ponemon Institute"

Share your experiences

[Compaqt]

It would be handy if people could share their experiences with encryption.

Good, bad, ugly.

E.g., is it better to encrypt your home directory (as Ubuntu gives you an option for), or the whole disk?

Has anyone had a problem where you were unable to access your encrypted home directory or drive?

Does encryption increase the possibility that a small problem on a single sector of a disk will render the whole volume unreadable?

What about using encryption along with various levels of RAID?

In some circumstances, I'll connect a harddrive via USB. If you disconnect it, sometimes Ubuntu won't let you access the encrypted volume again until you physically turn on and off the drive (or, sometimes, reboot). Stuff like that makes me fearful.

Re:Share your experiences

It would be handy if people could share their experiences with encryption.

Good, bad, ugly.

At work: Ugly. People lost entire drives full of super important encrypted data because they keep forgetting pass phrases. Pass phrases for USB drives are shared among multiple people for convenience, making them ineffective. Pass phrases are re-used between different customers, making them ineffective.

At home: Great. The FBI was not able to decrypt any of my records even though they seized all my drives. Saved my ass.

Re:Share your experiences

Truecrypt FDE works perfectly for me for 3 years, now i am using it with Windows 7. I didn't notice any performance degradation.

Re:Share your experiences

[AmiMoJo]

It is best to encrypt everything. Otherwise you have to worry about keeping secure data in secure areas. For example if you just encrypt your home directory then the system temporary file locations could end up storing some of your data in plain text as it is processed. The page file/swap partition are good examples.

There is more risk of your data becoming unreadable, but that is what you keep backups for.

Re:Share your experiences

[Dodgy+G33za]

If only it were possible to design an operating system that kept all user data in one place but apparently a fundamental law of physics states that this is not the case.

Re:Share your experiences

I used to work for a big internet company - we got FDE about a year before I left. In all of that time, I can't say as I noticed it doing (or not doing) anything. There was one time I had some sort of password problem which someone managed to fix remotely for me. Besides that, it just worked. In fact, it worked better than my memory, because I can't remember what it was called.

Re:Share your experiences

[fa2k]

Full disk is probably better, but it should be sufficient to encrypt /tmp, swap, /var/tmp.

Without full disk encryption are also more vulnerable to attacks where the attacker installs a keylogger or back door on the non-encrytped part. The difference is only in the amount of work that the attacker has to do, as there is always some part of the bootloader that remains un-encrypted. Windows Bitlocker provides additional protection against this by using the TPM. In reality, though, you should wipe the hard drive and possibly discard the whole system if it got taken by an attacker and then returned to you (if this is a concern, never leave a laptop in an insecure place).

eCryptfs, commonly used for home directory encryption, encrypts files individually on the fly and then stores the encrypted files on an un-encrypted file system. The file names are encrypted, but an attacker still has access to approximate file sizes, directory structure, etc. A more important downside of eCryptfs is that it has a significant performance penalty relative to full disk encryption. This is especially noticeable when scanning the directory tree, such as when using rsync. The reason for the difference is that eCryptfs has to access the header of every file (not sure about the exact terminology, some API call).

For plain LVM software RAID or hardware RAID it should be sufficient to encrypt the virtual RAID device. This is faster than encrypting the constituent drives individually.

Truecrypt recommends against using SSDs because the wear-leveling algorithm can cause old data still to be present in flash, even when logically deleted. When using a new drive without any unencrypted data, it should be fine to use an SSD, at least when considering the scenario of someone stealing the device.

For advanced filesystems with built-in RAID, like btrfs and ZFS, you can't encrypt the virtual RAID'ed device. The choice is between encrypting the underlying drives individually, causing more work for the CPU when writing, and using eCryptfs, causing more random reads when scanning through directories. In the first case, the attacker will have access to approximately the same plaintext encrypted with different keys, but there is no known attack where that is an advantage.

Re:Share your experiences

[fa2k]

As you were asking for experiences, I use TrueCrypt for my laptop and eCryptfs on the desktop, along with LUKS encrypted swap and /tmp on a tmpfs.

More importantly, *use long passwords* ! Systems like TrueCrypt try to make offline attacks difficult (see the docs)

1000 iterations (or 2000 iterations when HMAC-RIPEMD-160 is used as the underlying hash function) of the key derivation function have to be performed to derive a header key, which increases the time necessary to perform an exhaustive search for passwords (i.e., brute force attack)

It's still an offline attack, meaning that someone can image your drive and have at it, without you even knowing (again, they would probably be better off installing a key logger in this case though). There are huge databases of passwords on line, and it's possible to design dictionary-based attacks which are much more efficient than brute force.

Re:Share your experiences

I had a backup routine of cloning my HDD every weekend; 320 GB took about two hours. I could be back up and running in less than 5 minutes if I had a disk crash, lost, or stolen laptop. Then my company rolled out FDE. Now, even a raw copy will not work. I am forced to run data file backups while l am logged in. In the case of a HDD crash or other, it would take days to get back to normal, having to get the OS and programs reloaded and configured.
Also - I have upgraded my Laptop HDD several times with the need for more space and prices of drives coming down over the past four years. This is no longer possible with this new scenario. Not a happy camper.

Re:Share your experiences

Centrally generated keys in the combination with smartcards works perfectly... You can even have several shared keys on a single smartcard....
Sure the user will have to remember his/her password, but the encryption-keys can always be recovered by IT..

http://www.truecrypt.org/docs/?s=keyfiles

1. Secure location on non-networked computer, where all smartcards are initialized...
2. User gets new smartcard and inserts into computer.
3. User gets to select a 5 digit PIN or a full-featured password, whatever your requirements are.
4. Computer starts to initialize the encrypted partition with keys from smartcard.
5. Small application will download updated private/shared keys from AD/LDAP etc that are encrypted (per user key). Smartcard will get the encrypted data and decrypt and install the new certs by itself...

scenarios:
1. User looses laptop. - disk encrypted.
2. User looses laptop with smartcard still inside.. employee gets yelled at for a few minutes for not following the policy. Data still secure, as long as the smartcard physically secure, since it will require the PIN to decrypt and give out the real encryption key.
3. User looses smartcard - IT initializes a new smartcard. User plugs in the new smartcard that downloads and reinitializes the card with the previously stored keys... Might go for a re-encryption depending on how the card was lost.. (broken/thrown away by accident/stolen)

So.. it's not that hard hard to have simple key-management in a office either... you just have to make it simple for the people to use...

Re:Share your experiences

[jroysdon]

I used to be fearful, about 5 years ago. The first step is to make sure you have a really solid backup plan. I have a home server which I use rsnapshot to to store rsync diffs. This can be performed as often as I like (hourly, once per boot, weekly, etc), or even automated (I don't as I don't want the hassle of having to wait for a backup to finish before I shutdown/hibernate).

Once you think you have a solid backup plan, pretend you just lost your hard drive. The best method is to have a second system (or second hard drive, and swap out your real one) to which you will restore to and not touch your original. Once you truly know you have everything backed up and don't need anything from the original system, move to encrypting your disk.

Oh, and what good is encrypting your disk if you don't encrypt your backup? Naturally you want to trust your backup to be solid (especially during system upgrades/migrations when the originaal is at risk), so you're going to want to have two backup devices. Server + external USB hard drive is a nice solution. I'm a big fan of offline storage (only servers have to have the key in memory and thus have the encrypted data available), so I have two external USB hard drives which I rotate. Fire or other disasters may happen, so I rotate that external hard drive to work, then bring the one at work back home. Worst case I may lose 2 weeks of data (which would be minimal, as any major changes of data trigger a home/work external hard drive swap). Take a step further and have a third hard drive you keep off site at a family member's house 30+ miles away (thinking flood plains here). Rotate taking a drive to that location and bringing it back on family visits.

Ok, sorry to digress. Now, when I install, since I know I'm not going to lose any data, I do full encryption on all newer systems that aren't "budget" boxes. I've got a number of hand-me-down laptops (P4, other pre-Intel Core processors, etc.) that the family uses, which still work just fine for simple school research, writing a report, etc. For these systems, I partition things out and encrypt: /home /tmp /var/tmp swap. The rest is part of / and not encrypted for performance reasons.

I've been doing this for 5 years and a dozen laptops and 5 external USB hard drives and never had a problem due to disk encryption. Many of my laptops don't detect the battery power accurately any more, so I've had a handful of sudden "off" situations where the system shutdown uncleanly. Never been a problem and once the disk is decrypted ext4 does it's thing and I keep going.

I have had a failed hard drive in that time. I typically keep the OEM OS and resize it and keep it set to dual-boot so I can "troubleshoot" with the manufacturer. The nice thing about having all my personal data encrypted is that when I had a failed drive, I had no worries sending it back to them as I knew they could not access anything.

I too have run into the issue with Linux not wanting to automatically re-mount the drive when I plug it back in. I also have manual scripts to do all the LUKS scripts (for this reason, and also on my servers which have no GUI, or when using a recovery CD where I want to know exactly how to access my data), and those will work in cases like that.

Here are the rough notes:
# http://wiki.centos.org/HowTos/EncryptedFilesystem

losetup /dev/loop7 /dev/sdb1
cryptsetup luksOpen /dev/loop7 secretfs7
# password prompt here
cryptsetup status secretfs7

#/dev/mapper/secretfs7 is now active:
# cipher: aes-cbc-essiv:sha256
# keysize: 256 bits
# device: /dev/loop7
# offset: 2056 sectors
# size: 3907021946 sectors
# mode: read/write

mount /dev/mapper/secretfs7 /mnt/usb7/

#########
umount /mnt/usb7/
#cryptsetup remove secretfs7
cryptsetup luksClose secretfs7
losetup -d /dev/loop7

Re:Share your experiences

Other than /home, "sensitive" data may be found in /var (mail spool, mail queue, databases), /tmp, /root, the swap partition and (to a lesser extent) /etc. There shouldn't be anything sensitive in /bin, /sbin, /lib, /usr and the like.
The main issue with encrypting the root filesystem is that you must be able to load the kernel and mount the root filesystem without reading anything from the root filesystem, i.e. you need an unencrypted /boot partition containing the kernel and an initrd with cryptsetup and dependencies.
If you like to build your own kernels, forgetting to enable certain features in the kernel or initrd can leave you with a system which won't boot. If you only encrypt selected (non-root) partitions, you can at least boot the system and fix any mistakes.

Re:Share your experiences

It is best to encrypt everything. Otherwise you have to worry about keeping secure data in secure areas. For example if you just encrypt your home directory then the system temporary file locations could end up storing some of your data in plain text as it is processed. The page file/swap partition are good examples.

The swap & tmp partitions can be encrypted with random keys at startup, so encrypting these is even simpler than encrypting /home. There is really no reason to encrypt /home without also encrypting swap & tmp.

And if your user process is writing files outside of /home and /tmp, then you've got a bigger problem than encryption to worry about.

Re:Share your experiences

[jimicus]

The operating system itself isn't the problem.

Sure, you could (on Unix at least) limit yourself to encrypting /tmp, /home, /var (in case some dozy app developer decided to write passwords out to a logfile), / (in case some dozy application requires a plaintext password in /etc) and the swap partition. But by this point you may as well encrypt the lot and have done with.

Worth it?

[GeekWithAKnife]

Well, sure, the probability is such and such and YET you cannot say for sure if your data will be stolen tomorrow. What is your data worth to you? One would have to weigh the costs of data loss compared to the cost of protecting it, some data is worth X. It's X because we cannot always calculate what it would cost for the data to be seen by the wrong party. How much is it worth to encrypted bomb blueprints as another layer in protecting against it falling into the hands of a possible threat? how do you quantify that? So if full disk encryption worth it as opposed to what? not using encryption? hardware encryption on disk? software? The probability that only the person who owns the data can tell you if it's worth it is very high indeed. It may be worth far more than everything that person owns.

Data loss

[tempmpi]

What about the cost of data loss because users forget their password?

Re:Data loss

[jsse]

What about the cost of data loss because users forget their password?

Don't worry, that's what super-admin password is for! ....did I just say that out loud?

A times B times C equals X.

If X is less than the cost of a recall, we don't do one.

Sometime, calculating the cost of thing is just stupid. Because all you do is rationalizating the externalisation of cost to the next poor bastard.

Truecrypt FTW

[Tastecicles]

...because I love giving police the finger when they demand to see what's on my laptop.

As far as they're concerned, it's just random garbage. And that is all they will ever see.

Re:Truecrypt FTW

[smash]

So, how well do you stand up to beatings/torture, tough guy?

Re:Truecrypt FTW

[Rogerborg]

I love giving police the finger when they demand to see what's on my laptop

And in your fantasy, does the Lady Cop say "Oh, Mr Neckbeard, your fingering is so... virile," then bow-chicka-wow?

There's nothing so sad as preparing for an apocalyptic showdown with The Man, when The Man could not possibly care less about you or your data. Encrypt, don't encrypt, you've got more chance of being eaten by badgers than subjected to a search-and-seizure.

Re:Truecrypt FTW

Not quite true. If they can prove that the laptop belongs to you, and use it regularly, and disk seems encrypted, and they have a court order to be able to access the disk, then your can probably find yourself in contempt of court for not decrypting it.

Re:Truecrypt FTW

[Tastecicles]

you offering?

Re:Truecrypt FTW

[Tastecicles]

No one is bound to answer any question if the answer thereto would, in the opinion of the judge, have a tendency to expose (him) to any criminal charge, penalty or forfeiture which the judge regards as reasonably likely to be preferred.
  - Established precedent over 1100 years of Common Law, from the Code of Alfred 870 to the Fifth Amendment of the US Constitution.

In Saunders v UK (ECHR), according to which "the right not to incriminate oneself does not extend to the use in criminal proceedings of material which may be obtained from the accused through compulsory powers but which have an existence independent of the will of the suspect, such as, inter alia, documents acquired pursuant to a warrant, breath, blood and urine samples and bodily tissue for the purpose of DNA testing".
This would only extend to a passphrase which exists outside the mind of the defendant. It would be on the prosecutor to prove that such a document exists to obtain an order against which refusal would result in a finding of contempt. Therefore, no court can force disclosure of a passphrase which exists only in the grey matter of one individual.
  - Also established precedent (NG08C10148, in camera and compartmentalised).

For those who are about to fire the thought-ending cliché, "What, do you have something to hide?" Why, yes I do. The nature of that material is nobody's business but mine, and if you think it's of an illegal nature, it's on you to prove it beyond supposition and paranoid delusion - "beyond reasonable doubt" as is required in a criminal process. But do NOT expect me to help you or feed your fantasy.

Re:Truecrypt FTW

[cpghost]

If you live in a fucked up police state where this is considered possible, you have more problems to care for than merely encrypting data.

Re:Truecrypt FTW

There is always a chance that they could want your data. Plenty of people have been ruined by the government or by criminals; it's far from impossible. Encrypting is easy and mitigates the risk. There is no problem.

Re:Truecrypt FTW

>>inter alia, documents acquired pursuant to a warrant

The law is basically stating, that, if it can be proved that it is your laptop, and you use it on a regular basis, then you do know the password, and therefore you cannot refuse to decrypt it, in the same manner, that you cannot refuse to give DNA etc.

There is legal precedent for this. Certainly in the US Federal court, and I'm sure if you look at various European courts, you'll find similar laws, and precedents.

Re:Truecrypt FTW

How can a proper justice system condemn you for not revealing something that they cannot prove that you have not forgotten?
i.e. "I'm sorry but I don't remember the password". What now?

Re:Truecrypt FTW

[brusk]

Actually the law is still up in the air on this in the US. Judges have, in the past, held that a defendant was not obligated to reveal a password. There is no "law" about this, it's mainly interpretation of the 5th Amendment.

Re:Truecrypt FTW

[Tastecicles]

Threatening someone with jail* for withholding a passkey which only exists in the mind of one individual is coercion. Established case Law.
Evidence (including confessions whether taped or written) obtained through coercion is inadmissible hence any conviction so obtained through coercively obtained evidence is unsafe. Also established case Law.
Following that, no person may be tried twice for the same crime, unless and only if there is "new, compelling reliable and substantial evidence" that was previously unavailable and the Court of Appeal decide that the evidence is sufficient to warrant a new trial (Criminal justice Act 2005). Such evidence if it is of a digital nature on an encrypted hard drive or other storage device will only ever come to light if the passkey is surrendered or in the equally unlikely event that the Universe doesn't die a heat death before the police manage to crack it.

*The maximum penalty for contempt in England is two years, except in cases under the Terrorism Act which carries a maximum penalty of five years. I should familiarise you with the prohibition on consecutive sentences contained in section 265 of the Criminal Justice Act 2003 and the residual application of section 116 and 117 of the Powers of Criminal Courts (Sentencing) Act 2000, which means that the court cannot impose a two year sentence on someone for refusing to disclose information then do it again in two years when the first sentence is up, rinsing and repeating. This would also fall afoul of the prohibition on cruel and unusual punishment which is International Law.

Re:Truecrypt FTW

There's nothing so sad as preparing for an apocalyptic showdown with The Man, when The Man could not possibly care less about you or your data. Encrypt, don't encrypt, you've got more chance of being eaten by badgers than subjected to a search-and-seizure.

As someone who was actually subjected to a search-and-seizure I can tell you that I was happy that I was using truecrypt. I started using tc years earlier and I had no reason to think I would be raided.

These things do happend. Maybe not often and maybe not to many people, but far more than you think. We just don't like to speak about it afterwards due to the common attitude that if there is smoke, there is fire. (I'm sure that's what you are thinking now too.)

AC for obvious reasons.

Re:Truecrypt FTW

[Tastecicles]

...and with that phrase uttered, you are then required to prove that you've forgotten it.

Fucked up, but there it is.

(actually it's fairly easy - claim torture. Game over).

Re:Truecrypt FTW

[smash]

You mean, like in the US? You only have to be declared a potential terrorist and its all fair game.

Re:Truecrypt FTW

No they can just toss you into general population for two years and let it out that they think the encryption was to hide child porn.... I doubt there would be a need for a second sentence, assuming you survived the first one.

Re:Truecrypt FTW

You're an idiot.

Re:Truecrypt FTW

Plausible deniability with two passwords and a hidden partition.

Re:Truecrypt FTW

[Tastecicles]

Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001.

Ker-ching!

Re:Truecrypt FTW

[smash]

Have you kept up to date with the law in your country at all?

Re:Truecrypt FTW

[IBitOBear]

Theft or loss is more likely. In a proper police state, they already have you under surveillance so they already know your pass phrase.

First rule of paranoia, don't save what you don't want found.

Second rule of paranoia, why are _you_ asking _me_... what do you really want? I will not be deceived! I want to see the birth certificate of the guy who says the birt certificate is real! There never were any towers to start with, we can tell from the pictures of the so-called "moon landing" because the shadows on the newspaper don't match the shadows under his nose...!

8-)

No kidding

[Sycraft-fu]

In a corporate environment, you have to have some kind of key management system. You can't do FDE with a free utility that is just "Enter the password to get in to the computer." Well why not? Tow big reasons:

1) What if the person suddenly up and dies, and you need to get at the data? A backup won't help if said backup is also encrypted with the same password that only they knew. You need to have a system to get in.

2) More commonly, what do you do when a user forgets their password? This happens ALL the fucking time. People cannot remember passwords, just how it is. Just losing data is not an acceptable answer, so you have to have a system that can get in.

Now there are systems out there like that. They have central key stores, key recovery facilities and so on all while maintaining cryptographic security. However all the ones I've seen cost money. Then on top of that is the cost of administering such a system.

As an example at work a lady forgot her password, as she is known to do on days ending in "y". So she couldn't get in the encrypted laptop that has key codes for the doors (she deals with that). She also hadn't put the laptop on the 'net in like a year, so it was all desync'd with the Active Directory. This meant my boss couldn't log in to do any kind of override. So he had to hook it up, go through this key recovery thing where the console give you a bigass key to enter in to the system, then get it to sync passwords, then he could log in and get everything working. Took a fair bit of time to do.

You have to count all that kind of thing in cost calculations. You can't pretend like it isn't a cost. Yes you already pay his salary but he has about 5,000 other thing to be doing that weren't being done while he worked on that. Needless to say if this were being used for more than a couple systems (we only use it in special cases) it would quickly need one or more people who's job was to administer it and deal with all the problems caused by it (meaning by users).

Re:No kidding

[bertok]

Now there are systems out there like that. They have central key stores, key recovery facilities and so on all while maintaining cryptographic security. However all the ones I've seen cost money. Then on top of that is the cost of administering such a system.

Security only costs extra if you had nothing to begin with, which basically never happens. Any corporation with data worth stealing is likely to have Active Directory, which has a convenient key escrow functionality built right in.

If you've already purchased Windows Server and have standardized on Windows 7, then full disk encryption with all the goodies is just a few button clicks away, and costs nothing but the 60 minutes it takes to read through the relevant technet articles and then setting a few settings in group policy.

She also hadn't put the laptop on the 'net in like a year, so it was all desync'd with the Active Directory.

That's not her fault, that's the IT department's fault. That laptop can't possibly have been properly patched, its data synchronized, or up-to-date security policies applied. That should have rung alarm bells in the system, or locked her out until she did synchronize successfully.

Which can be done wirelessly these days. From home. Using transparent VPNs that require zero user interaction. All of which can be monitored centrally.

So he had to hook it up, go through this key recovery thing where the console give you a bigass key to enter in to the system, then get it to sync passwords, then he could log in and get everything working.

Wait, wait, wait.. let me get this straight: she failed to authenticate properly with the system for something like a year, which then correctly locked her out after the timeout expired, protected the data on her laptop, allowed you to recover the data as designed, and all of this required just a few minutes of typing? And to top that off, the security system insisted that her hopelessly out-of-date credentials cache be updated to verify her account?

OH MY GOD THE HORROR! The hassle! Why doesn't the crypto system just fall dead and recognize how important this lady is and unlock all of her data, despite her ongoing blatant violation of IT security policy! The nerve of Microsoft for designing such a thing! Next thing you know, they'll insist that you use passwords to log on to computers! Can you imagine?! We just won't be able to get any work done around here any more!

Clearly this is all just a giant conspiracy to drain valuable IT resources.

You have to count all that kind of thing in cost calculations.

Additional electricity due to use of AD Policy Driven Bitlocker encryption: $57.35
One hour support call to fix non-compliant user's locked out system: $197.50
Incompetent IT team: $457,350.00
Potential lawsuit due to leaking user data: Priceless.

Yes, you do have to factor that kind of thing in, you're right.

Re:No kidding

[ravenknight]

As an example at work a lady forgot her password, as she is known to do on days ending in "y".

Not to be a complete smartass, but what day doesn't end with a 'y'?

Re:No kidding

[RaceProUK]

*points to joke*

Re:No kidding

[yotto]

As an example at work a lady forgot her password, as she is known to do on days ending in "y".

Not to be a complete smartass, but what day doesn't end with a 'y'?

Not to be a complete smartass, but that's the joke.

Re:No kidding

That's the joke.

Re:No kidding

[bjorniac]

"Tomorrow", for one.

Anti-joke-chicken-mode:
OP was using hyperbole, all day names end in "y", hence he's implying that the lady at work forgets her password every day.

Re:No kidding

It's "woooshesday".

Oh, wait...

Re:No kidding

Sundae, of course.

Mmmm... now I'm hungry.

Re:No kidding

[Cytotoxic]

Well, that was certainly a snarky reply for someone who doesn't understand the point Sycraft-fu was trying to make. He was talking about the TCO calculations and why "you can get full disk encryption for free with Fedora" isn't really applicable in a corporate environment. Not complaining that "it's really hard and a complete drain on IT resources".

The article includes these costs in their TCO calculations, and indicates that the largest expense is in lost user time due to slower boot times, sleep times and most importantly - lost productivity due to lost passwords. Sycraft-fu's example is perfect for this scenario as the laptop with the key-codes for the door was inaccessible for some period of time. Likely a few hours, since she probably futzed around trying to remember the password for a while before getting over to IT for help. Then she had to wait for the authorized manager to recover her password and sync to the AD. He said you have to factor in user mistakes (like forgetting the password) as a cost of full disk encryption. He's right.

Your straw man about a "giant conspiracy to drain valuable IT resources" is just plain silly.

Re:No kidding

[1s44c]

As an example at work a lady forgot her password, as she is known to do on days ending in "y".

Not to be a complete smartass, but what day doesn't end with a 'y'?

Christmas. Oh and Easter.

The point is she forgets her password a lot.

Re:No kidding

We have had good luck with free Compusec. It has a two password system - the administrator gets a password and the user gets one. If the user forgets his/her password, then the admin can reset it. Works for us and is quite easy to install and use.

Re:No kidding

1) What if the person suddenly up and dies, and you need to get at the data? A backup won't help if said backup is also encrypted with the same password that only they knew. You need to have a system to get in.

While in general your point is accurate, but company datacenter hosted backups of local data is pretty much critical. While complex key management systems will protect someone against screwing over their data by forgetting password, it's far far more likely that either they will zap it by accident or lose hard disk. Backup tool should not be doing raw disk backups or anything, the backup data should not be encrypted under the same policies applied to local disk (either encrypted with a different set of credentials or not encrypted as the backup store has sufficient physical and logical security mechanisms for storage encryption to be more risk than benefit.

In short, the users particular incarnation of the data should be perfectly disposable. In real world, sure, they do things that impede backup or neglect to use network shares when appropriate and crypto management is one way to mitigate risk, but an end-user with critical data not getting that data into centralized data management is a large risk any way you slice it.

Re:No kidding

1) What if the person suddenly up and dies, and you need to get at the data? A backup won't help if said backup is also encrypted with the same password that only they knew. You need to have a system to get in.

2) More commonly, what do you do when a user forgets their password? This happens ALL the fucking time. People cannot remember passwords, just how it is. Just losing data is not an acceptable answer, so you have to have a system that can get in.

The commonly-available FDEs address both of these questions satisfactorily, but congratulations on successfully karma-whoring off of all the other idiots that didn't read TFA or take 30 seconds to scan available product literature.

Re:No kidding

[bertok]

You also missed my point, which was that the FDE (in combination with everything else involved) was doing exactly what it was intended for.

The cost overheads are negligible, and the article massively overstates them.

FDE, like passwords, are only a problem in environments with poor IT practices.

For example, I hear people go on about how "password management" is an "expensive headache" all the time. However, I only hear that in environments where the IT department failed to consolidate to a single directory system, and every password reset becomes a nightmare of synchronization, replication delays, incompatible password rules, and account lockouts. Meanwhile, in competent IT land, a password reset takes seconds and never fails.

FDE is similar. When used incorrectly, it requires extra steps and is a royal pain in the ass. I've seen some government environments that insist on using proprietary software to encrypt everything, including USB sticks, which then end up copying files at 100KB/s. That was because they were using old operating systems that didn't have Bitlocker built-in, and they picked the "cheapest" encryption product instead of the best. Had they simply kept up to date with new operating systems (which they were licensed for anyway under maintenance), they could have had a low-overhead system that you'd have to benchmark to notice.

He said you have to factor in user mistakes (like forgetting the password) as a cost of full disk encryption.

Except that normally Bitlocker is transparent to the user, and doesn't require a password. Hence, not an expense.

The password he was referring to was the recover key held in Active Directory, which doesn't require memorization. If you're resorting to recovery keys, then it had better be an unusual scenario, like a user who hasn't synchronized in a year.

It's a lot like complaining that passwords are an "overhead" because people who haven't been given a password can't access the system!

The lady's scenario is perfect. If she hadn't logged on for a year, it would be at least an hour or two to bring her computer up to scratch anyway. At the very least, it's going to require a couple of reboots worth of patches, a virus update, a full disk virus scan to be sure, and probably significant application package updates. Having to type in a 48-digit recovery code on top of that is going to add what, a couple of minutes tops to a multi-hour process? That's maybe $5 of employee time in exchange for hugely stronger security.

Re:No kidding

TrueCrypt is free, and has a way for administrators to recover the encryption key if the user happens to forget it. The admin simply sets up TrueCrypt on the user's device, gives them a default password and copies the header. The user then changes the password to their own password.

From the TrueCrypt FAQ:

We use TrueCrypt in a corporate/enterprise environment. Is there a way for an administrator to reset a volume password or pre-boot authentication password when a user forgets it (or loses a keyfile)?

Yes. Note that there is no "backdoor" implemented in TrueCrypt. However, there is a way to "reset" volume passwords/keyfiles and pre-boot authentication passwords. After you create a volume, back up its header to a file (select Tools -> Backup Volume Header) before you allow a non-admin user to use the volume. Note that the volume header (which is encrypted with a header key derived from a password/keyfile) contains the master key with which the volume is encrypted. Then ask the user to choose a password, and set it for him/her (Volumes -> Change Volume Password); or generate a user keyfile for him/her. Then you can allow the user to use the volume and to change the password/keyfiles without your assistance/permission. In case he/she forgets his/her password or loses his/her keyfile, you can "reset" the volume password/keyfiles to your original admin password/keyfiles by restoring the volume header from the backup file (Tools -> Restore Volume Header).

Re:No kidding

[tgeek]

Don't forget to add in the cost of redeploying Win 7 Enterprise to all those laptops your predecessor let get into users hands with Win 7 Pro preloaded by the manufacturer.

Re:No kidding

[tgeek]

That's assuming your PHB is like my PHB and refuses to consider any alternative to an available MS product . . . Bitlocker in this case.

Re:No kidding

The cost overheads are negligible, and the article massively overstates them.

The article's claims of costs turn out not to be password management and support, but lost user time. The cost is slower access and time where a user is sitting at his desk waiting for the computer to 'wake up' to a useable state. If you've got a $50/hr employee (making, say, $30/hour salary), FDE only needs to add 1 minute per day of non-responsive computer to get to $250/year "TCO". An extra 10 seconds every time you put a laptop to sleep or wake it up...

Re:No kidding

[plover]

There's another cost the article didn't consider. That is the risk of losing the data due to the failure of a poor FDE implementation.

Our story is that we still have a lot of XP machines that are protected by our corporate-chosen FDE system, McAfee's Safeboot. Not that long ago some HQ team rolled out a BIOS upgrade. Turns out that on our development team's machines, which are some big honking desk towers (not portable laptops that tend to be stolen in coffee shops), the BIOS upgrade nuked Safeboot's ability to load its keys. So we had a dozen developers lose their boxes thanks to FDE. Of course extra special thanks go out to the corporate numbskulls who were "just following policy" when they allowed the faulty BIOS upgrade to continue after discovering the first bricked system a day early!

One dozen developers times 40 hours each to rebuild their dev environments, plus whatever projects they were on falling behind by a week each, that's a lot of money wasted. And the risk they averted? These towers are the opposite of portable. They're cabled to the cube walls, and the cases are padlocked shut. They have source code on them, not customer data. In short, these are among the least risky boxes in the company, in terms of the types of losses FDE is intended to guard against.

Of course, if you carry the math all the way through, this screwup only added a few dollars to each FDE (maybe from $388 to $392 or so) yet the overall risks of loss by theft remain at $4650, so it's still a net positive to have FDE. But it sure is a pain in the ass.

Re:No kidding

[QuantumRiff]

BTW, The "normal" Corporate version of Windows 7 does not include BitLocker support. You need the "extra spendy" Version.

My company was supposed to be part of a "Case Study" with Microsoft on Bitlocker, but ended up skipping it, and going with another product. Reporting and monitoring was a nightmare. The only way you could tell if it was done encrypting a drive was to look at the local pc, if I remember right. Which really sucks with a very mobile work force. Also, key recovery was possible with Active Directory, but did not work properly in things like Windows PE. I'm sure many of those have been fixed, but at the time, it was pretty basic.

Re:No kidding

A backup won't help if said backup is also encrypted with the same password that only they knew.

Why would you do that? Taking a disk image of an encrypted drive would require knowledge of the password, but FDE is transparent to userspace programs, including backup utilities. Just backup the unencrypted documents over a physically secure network (or VPN) and re-encrypt them on the server end (if necessary).
 

2) More commonly, what do you do when a user forgets their password?

Restore from backup. Which is exactly what you do if they physically lose their laptop, also very common.

Almost all FDE systems use a real key (e.g. 128-bits) and encrypt that with a strengthened version of what the user types. That way, the user can change their password without re-encrypting the whole drive. If you want to use some cheap software which lacks key management just keep a copy of the real key. Then it doesn't really matter if the user quits or forgets their password. (This does require you to know how the software works, e.g. CBC using AES, but that should be a given.)

Re:No kidding

Uhm,

Well, guess what? Even with Truecrypt, it makes a recovery ISO. You can have IT turn the encryption on, and then save the recovery ISO to a USB hard drive that has everyone's recovery ISOs for the whole company - which is kept locked in a safe. Not that difficult.

The native OS X one can be bypassed even if the user forgets their password - if the Administrator is also given permission to unlock the disk when it is set up. Or, you can have IT copy-paste the key into some text file on above-mentioned external drive when they turn the encryption on.

I am sure Windows BitLocker has similar options.

Anyway Over $200 per year? They're doing it wrong.

Re:No kidding

I would suggest to take a look at Mandos for FDE key-management (free open source software).

Tag impeachsamzenpus

People should learn to stop reading after "Posted by samzenpus"

it depends

[smash]

on a modern cpu with AES hardware acceleration, the cpu cost is minimal. if you have valuable data, you'd be negligent not to enable it.

Re:it depends

[kholburn]

http://www.reallydodgy.org/ -->
Http/1.1 Service Unavailable

Yep, really dodgy

Re:it depends

[smash]

note: slack

Re:it depends

[wvmarle]

My data is really valuable. To me.

And for that reason, I don't encrypt. I don't want to forget my password and have everything inaccessible.

For most of the rest of the world, the photos and so that I value so much, don't have much value, if any at all. I'm not even going to put it on ftp to let the world mirror it, because I don't think there are even enough people interested in mirroring those files to make that work.

Re:it depends

When I setup home directory encryption on Ubuntu it generated a master password to write down and hide somewhere (ex. a safe deposit box). It's a little extra work, but it solves the problem of losing the password and thereby losing the files. I assume other encryption systems have a similar capability.

Re:it depends

[lpq]

I've not seen any AES accelerated algorithms give better than
~125-140MB/s. On SSD's with 400-600MB/s throughput.

That means just on single SSD's you get 300% greater performance
than with.

On a RAID, it gets worse. A HD raid can easily get to 1-2GB/s, so the
unencrypted to encryption encumbered rate is more like 800-1500%.

With SSD based raid -- that goes up to 3000-4000% of our speed being thrown away.

How is that not expensive?

Funny view you have there

In our (European) company FDE was rolled-out because we are obliged to protect customer information.

No, not because company was scared of the penalties.

It's kind of funny how US businesses quantify it all.

Re:Funny view you have there

[tomhath]

we are obliged to protect customer information

What happens if you don't fulfill that obligation? No penalty if data is compromised?

Re:Funny view you have there

I believe under UK law, that we have a responsibility to 'reasonably' protect data, which is basically, what ever the solicitors can argue is reasonable! Because of this, we decided that reasonable was to enable full disk encryption on all showroom computers, all laptops, and all company mobile phones.

Re:Funny view you have there

One can always try to quantify financial value in following established moral codes even without legal obligations, as not doing so exposes the business to bad press, which leads to loss of customers and thus, you guessed it, to loss of revenue.

Re:Funny view you have there

[gweihir]

I believe under UK law, that we have a responsibility to 'reasonably' protect data, which is basically, what ever the solicitors can argue is reasonable! Because of this, we decided that reasonable was to enable full disk encryption on all showroom computers, all laptops, and all company mobile phones.

Your argument hints that this may actually have been sort of an ethical decision. From my experience, US companies are not aware of than angle.

Re:Funny view you have there

[gl4ss]

we are obliged to protect customer information

What happens if you don't fulfill that obligation? No penalty if data is compromised?

penalties vary from nothing to having the operation closed down. of course if you're a government official loosing a laptop full of social security data then nothing.

Re:Funny view you have there

[wvmarle]

Well, of course. As much as many people would love to, shutting down the government is not a practical option.

Truecrypt full disk, nearly 5 years

I truecrypt, full disk encryption, had it for nearly 5 years on XP. No noticeable problems, no noticeable slowdowns.

I also truecrypt my USB drives, I don't see the reboot problem you list with Ubuntu, and yes I have removed them sometimes without remembering to dismount them (and yes you will still get corrupt files if the flash is removed before it's written the file out), it doesn't fix your own mistakes.

But that said, it doesn't give me any issues. None.

Recently had the power supply replaced on my PC, and repairman wanted the password to check 'my computer was working'. I declined to give me the password for a replacement PSU. Glad I had my HD encrypted.

Can I add

In respect to the repairman, can I just add that because I encrypted the disk, I knew he could install nothing, could not have accessed any of my data, could not have decoded any passwords, or logged into any sites as me.

The peace of mind alone is worth a huge amount.

I know in some countries like the UK, having a beasty pic on your PC is a criminal offense and that it puts yo on a register that limits where you can work for the rest of your life. Better to encrypt there.

Likewise more repressive regimes in the world, better to encrypt, it won't stop someone beating you over the head to get the password, but it will stop FSB men from breaking into your home and planting evidence on your computer, when you've been criticizing Czar Putin.

But even just to protect your PC from thieves and nosy repairmen is enough justification.

Insurances ?

Using the same logic any insurance contract is not worth it. Because in the average insurance companies make money with these contracts which in turn means their customers would be better off without them (consider the average).

The whole argument is bullshit.

PS: Please excuse my english (not native and not good).

Losing data due to lost decryption key/password

What about the risk of losing data or losing time due to not being able to recover from some failure after losing the decryption key/password? Did they take that into account? Not everything needs to be encrypted IMHO.

Warranty void if unencrypted

As far as I'm concerned, storing any confidential data on a hard disk unencrypted effectively voids the warranty, because there's no way I'm going to send a drive containing sensitive data away for warranty replacement.

$235?

[krsmav]

Whose ass did they pull the $235 figure out of? The software is free, the installation takes a few minutes and it's transparent thereafter. The big but (pun intended) is how to deal with a major crash or a forgotten password. If your backup is also encrypted, you're SOL. I'd keep an unencrypted backup on a hard drive in an eSATA external dock, back up daily and put the drive in a safe every night. This was the standard procedure years ago when the backup medium was tape. You had three tape cassettes and rotated them.

Re:$235?

[__aaltlg1547]

TFA said it was mostly lost time due to your computer running slower.

What the fuck are you on about?

[Sycraft-fu]

Look dumbass, the point is that FDE is NOT FREE. That is all. Not that it is a bad idea, we wouldn't do ti if it was. Just that the original poster's thing of "Just install Fedora's disk encryption, it's free!" doesn't work in a corporate environment. There are software costs and other costs to using FDE in an enterprise environment. If you think that TrueCrypt or the like will do the trick you are in for a nasty surprise.

You also might want to knock off the "I can deduce everything about your environment from a small post with little details shit." It doesn't make you look smart, it makes you look like someone that wants to think they are smart.

Re:What the fuck are you on about?

[bingoUV]

Just install Fedora's disk encryption, it's free!" doesn't work in a corporate environment

But it does. Unless you define corporate environment as one with dumb sysadmins.

If you think that TrueCrypt or the like will do the trick you are in for a nasty surprise

Fedora uses LUKS. Which lets you add a big-ass key , possibly supplied from a file, in addition to the key typed in by the user every time they boot the machine. True crypt also has the feature, BTW, so your rant about TrueCrypt is also false.

World renowned Dr. Ponemon?? Never heard of him.

[gweihir]

And I have been in the security field for > 20 years. I think this is just another PR stunt. Any data reported is highly suspect. That is not to say data encryption is not worth it, just better not use this "study" to demonstrate it.

Re:World renowned Dr. Ponemon?? Never heard of him

[brusk]

Or perhaps more kindly: even if the data are completely accurate, they're averages that don't necessarily apply to every, or even any, particular case. I can't make a decision about something like this on the basis of what the mean or median cost/benefit would be, but only of what (as best I can estimate them) my own are.

I've worked with it off and on for years

[onyxruby]

I've worked with it off and on for years. Back around 99 when I first started working with it in finance we had about a 1 day hit just to encrypt the drive and a noticeable loss of speed once it was done. We could only encrypt certain computers that were powerful enough and you really had to justify doing it on a case by case basis.

Fast forward several years and technology has improved to the point where frankly most users couldn't tell if you encrypted their drive or not.

The overhead to run encryption on a drive anymore in around 3-7% the last time I ran the numbers. Your guilty of neligigence if you don't run encryption on a laptop, with desktops is the small hassle to recover a key /really/ that big of a deal?

Where I work we actually get desktops stolen about as often as laptops, and with Bitlocker it's all transparent to the user. Why not? I'm looking for similar tools for my mac's (50/50 mix of mac's and windows if anyone has any good suggestions).

Wildly inflated

[__aaltlg1547]

'After doing all of the math, Ponemon found that the cost of FDE on laptop and desktop computers in the U.S. per year was $235, while the cost savings from reduced data breach exposure was $4,650.'

The average cost savings from data breach exposure is not $4650 generally. Since the vast majority of companies don't employ FDE, the average losses per year per computer used in business would be approximately $4000. So taking the approximately 100 million computers used in business in the USA (yes, that's a UWAG), that puts the losses to business at about $4 billion per year. I'm not buying it, nor am I buying that the most efficient way to prevent this is FDE. I think it may be valuable in certain industries, e.g. finance and banking where the bulk of your data is of high value to potential thieves, or in medicine or law, where the disclosure of your data may get you sued.

For the rest of us, it's sufficient to have locks, passwords, firewalls and security settings that keep people from hacking your computer.

Re:Wildly inflated

I would say the figure is accurate. Particularly for companies in the healthcare arena http://www.computerworld.com/s/article/9225170/Tennessee_insurer_to_pay_1.5_million_for_breach_related_violations

Silly numbers

[GPLHost-Thomas]

I have just calculated that these numbers are crap. They don't make sense, and they come from nowhere. My dm-crypt device costs me nothing...

- licensing: zero, it's open source
- maintenance: maybe 5 more minutes at setup time?
- device pre-provisioning: WTF?
- device staging: same
- tech time spent on password resets: zero. This is real encryption, there's no such thing available as "password reset", there's only a passphrase which cannot be recovered. If it can, then this means you have zero security
- end-user downtime spent during password resets: zero
- cost associated with re-imaging hard drives: never happened. I use RAID1 BTW.
- end-user downtime associated with initial disk encryption: well, I went have lunch when it was writing random stuff at initialization. No time wasted.
- end-user time spent operating an FDE-enabled computer: WHAT???

Anyway, using an encrypted HDD should be mandatory in every company. That's the very basics of security...

Re:Silly numbers

[gnasher719]

- tech time spent on password resets: zero. This is real encryption, there's no such thing available as "password reset", there's only a passphrase which cannot be recovered. If it can, then this means you have zero security

Nonsense. For example, Apple uses three keys: 1. The actual encryption key for the disk. It is never accessible to the user, it is stored in encrypted form on the disk, and by overwriting that portion of the disk, you can wipe a disk within milliseconds. 2. The master key. This key is used to decrypt the real key. It's a long hex number; you can write it down _and put the paper in your safe_. You'll never need it unless you need to do a password reset. 3. The user's password. The user has a password which is used to recover the master key. Multiple users can have different passwords. The password can be changed at any time without having to re-encrypt the data, because it is only used to decrypt the master password.

So you can do password resets, but only if you have the master key. Which is used _only_ for that purpose.

Re:Silly numbers

[Cederic]

So you can't reset your password, but you have no costs with re-imaging hard drives?

You've just confirmed that you never ever forget your password. Work for an organisation with more than one employee, and promise that everybody will maintain your impressive record.

Your personal experiences do not translate into a complex multi-user environment.

Re:Silly numbers

[GPLHost-Thomas]

You've just confirmed that you never ever forget your password.

I don't forget my *master* password, the one of my partitions. The others, I don't need to remember them, they are stored on my encrypted partition... That's *one* password to remember. I believe everyone is capable of that.

Re:Silly numbers

[Cederic]

Again, this approach is not suitable or appropriate for a multi-user environment. Stop trying to discredit numbers that apply to a more complex scenario than the one you enjoy.

Re:Silly numbers

[GPLHost-Thomas]

It's self-discrediting, it doesn't even need my help. Have you even read TFA? It's really laughable. Some of the % wont even have a meaning.

it depends on your "risk"

[RobertLTux]

For 98% of the viewing audience having a house with High Power Electrified Fencing and a pack of Tibetan Mastifs/Wolves in the yard surrounding a Stone House with Blast Doors with internal sector doors would be way to much effort BUT for that 2% it might not be enough.

questions to be asked for FDE

1 Is it better to LOSE the data than have it compromised?
2 How secure are your backups?
3 Are YOU SURE to COURT OF LAW levels your backups are secure and reliable??
4 Are the keys kept safe??
5 Can your staff be "DD" hacked?? (mostly applies to Male Staff members but similar hacks will apply otherwise)
6 How good is your FDE solution?? (has it been HACKED YET??)
7 is there a second key that can be used to decrypt?? (or a Master key)

im sure there are other questions but that should be the top 7 questions

Re:it depends on your "risk"

5 Can your staff be "DD" hacked?? (mostly applies to Male Staff members but similar hacks will apply otherwise)

Had to read this a couple of times before realizing you were talking about a different "DD" than the one I was thinking of.

FAIL...over FDE-cost prohibitive when

[ElitistWhiner]

Algorithm updates render FDE ForeverDiskEncrypted

Performance hit is unacceptable

[DaDaDaaaaa]

Why are some people saying that there is no noticeable performance difference? I have used it on my Thinkpad with a Core 2 Duo from 2011 (AES to get the fastest performance) and with a hard drive it slows down all the time, making me believe that my computer is 7-8 years older. It slows down so bad when looking at a Flash video that it is practically unusable. When I use a SSD it is much better but there can still be very big problems. If I have to scan or decompress a file that's too big, most of the time the whole system will freeze. For a corporation that deals with extremely sensitive information this is fundamental. Else, it has benefits I'm sure, but it's a total pain.

Re:Performance hit is unacceptable

[Just+Some+Guy]

It slows down so bad when looking at a Flash video that it is practically unusable.

Think I found the problem.

Re:Performance hit is unacceptable

[Tetch]

I have a workstation at home sporting a Phenom II X4 3.2GHz CPU and 8Gb 1333MHz RAM, running a Linux host OS using LUKS to provide FDE. This host OS is running VirtualBox to provide various VMs (Windows, Linux) and the performance of all VMs is pretty much instantaneous on all UI requests, and pretty damn zippy at workloads such as compiling.

The WinXP VMs (I give them 2Gb of "RAM" and 1 CPU core) are faster than any WinXP I've ever experienced on Real Hardware; boot to logon prompt takes 10 seconds, & shutdown from being logged in takes 8 seconds. I use one of those WinXP VMs for all my Youtube and DVD video watching needs, without any stutter of any kind. I run KDE4 in several of the Linux VMs, and it's very fast. I don't have any Win7, but a Win8 Preview VM takes 12 seconds to boot, and about 3 to shutdown [once you've figured out how to request shutdown that is :)]

Whatever the performance hit of the FDE is, I'm really not aware of it.

Re:Performance hit is unacceptable

[Zemplar]

FDE isn't noticeable with the proper CPU. My old ThinkPad, also with a Core 2 Duo, was also horrid with FED. My new ThinkPad, with AES function support in the CPU, doesn't break a sweat with FDE and I can't notice it, even with a fast SSD.

Who The Hell Buys FDE?

Why would you buy FDE? Really. Why?

/home encryption

How does this compare to /home encryption (per user)? Ubuntu uses ecryptfs for this (just a checkbox or an after-user-setup script). Bootup speed doesn't change as you'll need a password prompt anyway to unlock the data. Anyone running a non-root program can have it only save to /home anyway. Encrypted swap is required for hibernation, but I don't think it hurts performance much. And encrypted swap's hit only applies to hibernation time.

I don't care if attackers get a vanilla Ubuntu install with my editing software of choice & mail client installed. Let that be fast.

On Linux, everything but /boot

[IBitOBear]

I don't encrypt /boot for obvious reasons, those being that I like to boot my computer.

I have had zero problems.

I use LUKS and a decent pass phrase.

I reboot often enough that the chance of me forgetting my disk password is essentially zero.

That law of physics being

[IBitOBear]

Users are too stupid.

Actually, for large definitions of one place, like "on the hard drive" this is already done.

Therefore the disk should be encrypted.

Which Country

[IBitOBear]

Current precident in this U.S. of A. lets you "accidentally" loose your right to remain silent by, get this, "not talking". And you can "lose" your Fifth Ammendment Rights also by "answering _any_ question" (like "what is your name") in some contexts, such as being before a grand jury.

This isn't constitutional, but you will be held to it anyway.

The rule of law is bent to beyond breaking in many areas, including the right to remain silent and the right to free speech etc.

Don't depend on the law alone... only in immense piles of cold hard cash can you trust here under the law.

Half baked study.... doesn't consider ...

doesn't consider lost productivity when a high rate employee has his laptop go toes-up, and you can't mount the drive elsewhere to recover the data.

$4650 benefit of savings from data not being lost? Ha. Downtime for me can negate that pretty quickly at my bill rate. Let alone some of the more senior people.

Of course, it shows this, and the independent study (cough)... immediately talks about products. Well, there you go -- it's a biased and bought study. Duh.

What of FileVault 2?

FileVault 2 is a check-mark option in OS X for a few revs now, and greatly improved in Lion and Mountain Lion. It can be enabled at any time and is well-regarded for its efficiency and efficacy. Apple will store a backup key for you if you wish.

Cost: $0. Price: Priceless, if your machine is stolen or physically accessed by someone up to no good.

Re:What of FileVault 2?

Yup, but God help you if you have a sector fault on the disk, because it locks down the disk partitioning

I've used Filevault, but restoring from backup onto a FileVault disk (especially from the metal up) has struck me as INCREDIBLY hard work - the help Apple offeers for drives with Filevault enabled is not enough to get over all the gotchas..

I am not sure how I managed a restore in the end, but I recall me cursing it with some fluency. Maybe Mountain Lion does it better - I haven't dared try again yet, as I need a machine that works and it holds as yet no confidential data..

Re:What of FileVault 2?

[lpq]

Cost is performance deterioration.

As more programs are adapted for the Mac environment, I see more code being put in to SLOW down I/O, because it's easy for a single user program to lock up the Mac and make it unresponsive by programs doing full-speed I/O.

The same does not happen on my Windows or Linux machines -- Linux being much better about partitioning out I/O than Windows, but it would appear that even Windows is better than the Mac for multi-task I/O.

The Mac's disc encryption is not only costing Mac users time and money, but the entire industry -- making it poor choice unless you really need it.

But more and more, I'm seeing disk-limiters being put in to programs because the Mac OS doesn't do a good job of managing I/O and it's users are usually very vocal. Then those crap laden programs get passed into the high performance PC and linux world's where it's just
garbage.

Cost Comparison is a Strawman

[dila813]

Cost is of full disk encryption vs no encryption what so ever. Full Disk Encryption requires better hardware and premature hardware failure. Do a real study, compare encrypted user directories vs full disk encryption.

Erm... Report paid for by WinMagic. They make FDE

So, it wasn't really independent was it?

Infographic on Full Disk Encryption

[WinMagic+Social]

In August, our friends at WinMagic released the results of a survey they conducted with the Ponemon Institute where they examined the Total Cost of Ownership (TCO) for full disk encryption. To make this information even clearer, they’ve now created a handy, easy to reference infographic that makes the concept much easier to understand. We all know how important data encryption is for technology users and leaving your data unsecured can be a huge risk to your business. If you think your readers would find this interesting, we would love for you to share it on your blog. Please visit http://blog.winmagic.com/2012/09/04/making-the-case-for-data-encryption/ to view their infographic.