Calculating the Cost of Full Disk Encryption

CowboyRobot writes "Is full disk encryption (FDE) worth it? A recent study conducted by the Ponemon Institute shows that the expected benefits of FDE exceed cost by a factor ranging from 4 to 20, based on a reduction in the probability that data will be compromised as the result of the loss or theft of a digital device. 'After doing all of the math, Ponemon found that the cost of FDE on laptop and desktop computers in the U.S. per year was $235, while the cost savings from reduced data breach exposure was $4,650.'"

One click for $235

[flyingfsck]

I am expensive, but not that expensive. I don't charge a customer $235 to click a full disk encryption check box while installing Fedora Linux. Maybe I should...

Re:One click for $235

[Joce640k]

The TCO of is more than the cost of installing it.

Re:One click for $235

[Pieroxy]

Your customer CPU will heat more, and your customer will spend more time in front of his computer waiting for the disk to be accessed. It might be a few ms at a time, but cumulated over a year, imagine !

Anyways, putting a price on something like this is always highly suspect.

How do they get the $4,650 gain anyways?

Re:One click for $235

[gl4ss]

I would think the costs come from electricity and possibly from losing access to your data.

Re:One click for $235

Quote: "The study measured costs in 11 segments: licensing, maintenance, incremental costs, device pre-provisioning, device staging, tech time spent on password resets, end-user downtime spent during password resets, cost associated with re-imaging hard drives, end-user downtime associated with initial disk encryption, end-user time spent operating an FDE-enabled computer, and the value of tech time incurred for various administrative tasks related to encrypted drives. [...] The study found that the most expensive element of FDE is [...] the value of user time it takes to start up, shut down and hibernate computing systems while using FDE."

Re:One click for $235

Security is not something you mess with.

Personally, my data is worth a lot, to me, not to anyone else, I can't put a price on it. Simply because the data on it is personal, irreplaceable, I'd rather have it destroyed than having some one else see it (no, not porn).

A company can. You have 10 million records, they get stolen, class action suit gets you to pay damages 10k for each ...

To be honest this whole computer security isn't even about technology or security expertise or anything like that, it's about money and savings. Companies don't want to back-up their data because of the implied costs, so, they risk it and consider it a financial risk. Same for security.

Re:One click for $235

[hairyfish]

I've been working in IT depts for roughly 20 years and can't remember ever having issues related to "data breach from lack of encryption". Not saying it doesn't happen, but I reckon for most people (outside of finance/defence/govt etc) it's overkill. It raises a question, how much security is too much? Do you have a lock on your front door? 3 locks? 45 locks? If you had 100 locks on your door and only locked 99 of them, would this be considered vulnerable? This is how I think of the security industry. One lock is fine. If that doesn't work, then no amount of extra locks will help. The bad guys will simply break a window.

Re:One click for $235

[DJRikki]

It wont really, GRC.com did a test a good few years ago and showed not much difference and newer chips have AES-256 instructions built in so its a no brainer.

Re:One click for $235

That's kind of a flawed way to look at things imo (no offence intented).

Having 99 locks on the frontdoor is indeed pointless, but that's because all those locks perform the same function. Using (for example) a virusscanner, a firewall and full disk encryption is more akin to having both a lock on the frontdoor but also a fire extinquisher in the hallway. It's a very sane and generally smart thing to have.

On a sidenote, having 2 (different) locks on a door may very well be a smart thing, because a Type A lock has different flaws than a type B lock. Having 2 different kinds means you potentially eliminate a variety of easy exploits that target a specific type of lock. I don't know where the "line" is but i find it hard to imagine more than 2 or 3 locks being a sane scenario for "regular" entrances.

Now it's obviously true that every security measure brings with it a "penalty" if you will, to legit users. For most locks this means the user has to carry a key on him, something most people in the west consider normal and not a high price to pay. Having to remember a PIN code to use your debit card is also a penalty on legit accountholders, but we accept it. Now wether or not full disk encryption is as pricey as the article seems to make out, i dunno, but lets look at the alternatives.

A) Unencrypted drives
B) Certain Encrypted drives/containers/shares/whatever
C) Full Disk encryption

In this day and age (dare i say it, the Information Age) there is a definite demand for encrypting sensitive and important data for almost everyone but the most untrained pc user. This makes option A a bad choice for almost everyone which means the decision is not just about "should we use FDE or not", it becomes "do we encrypt EVERYTHING or just cetain objects" and in order to make that determination you need to look at the price for both.

Let's not forget, simply enabling FDE is a minor act for the sysadmin whose installating the system, and since FDE is transparent to userspace applications, there is very little additional configuration or problems that arrise due to it. It will impact performance of the hardware, however one can take this into account during the purchase of new machine(s) and simply take a slightly faster system to make up for it (if that's even needed, usually it ain't). Only encrypting certain partitions, shares or folders means you have to deal with many additional administrative and training issues. How do you prevent ppl from moving sensitive files from the secure X:\ drive to the C:\ drive, how do you teach the (presumably non-IT) users where they can store which files. Which policies have to be enforced to ensure it all stays on the level. How often (if at all) do you audit the systems for "leaked" senstive files, etc.

I'm not a sysadmin myself, but i do work in IT and have a fair understanding on their job, and to me at a quick glance it appears FDE is a LOT cheaper and easier for everyone involved than encrypting only sensitive files.

Re:One click for $235

[ericloewe]

Considering CPUs these days are pretty much at idle, except for gaming and other niches that actually require that much power, it makes no difference whatsoever. Disk access times are also the same, and if they really are a problem, SSDs are the solution.

Re:One click for $235

[smash]

OK. MD leaves his laptop at airport/side of road/in car that is stolen. He has competitive-advantage generating information on there, that would be worth millions of dollars in contracts to a competitor.

We've had staff have laptops stolen, with data like that on them in the past. Do we know that the data was let into the wrong hands? Nope. But it could have been.

Re:One click for $235

[Dodgy+G33za]

Surely if it means a lot to you but not to anyone else then encryption is not as important (if at all) as backing up?

I have lost personal data. I also have a few old and fairly important files kicking around that I password protected many moons ago and forgot the password.

I have chosen not to encrypt, but I have a very solid backup routine.

But then I can't imagine having data that is so personal (and yet irreplaceable) that I would rather lose it than have some random look at it.

Re:One click for $235

[dbIII]

The other side of the coin is managing it properly. For example I've had to restore from an unencrypted backup purely because somebody who was managing their own disk encryption had forgotten how to access their files and needed whatever earlier copies were available as a matter of urgency. If it's not done properly with people at multiple sites having details of how to access the files it's not worth doing at all. An encrypted volume should not be a room full of people that have eaten the salmon mousse away from being permanently inaccessible.

Re:One click for $235

[JasterBobaMereel]

If the information is that sensitive then what is it doing on a portable device in the first place...?

This is like car security, what you have is a tin box on wheels, this can be stolen (Towed/transported) and worked on at leisure, all security can be broken given enough time and resources, it is usually only a case of does the thief consider it worth the time and effort ...

 

Re:One click for $235

[NicBenjamin]

Remember the people doing the actual analysis here were the military. They have much different security needs then you do.

Re:One click for $235

[machine321]

It wont really, GRC.com did a test a good few years ago and showed not much difference and newer chips have AES-256 instructions built in so its a no brainer.

I don't know if quoting Steve Gibson is the best way to make a point on Slashdot.

Re:One click for $235

[Nertskull]

I'm not sure that's what he was saying. Because he says he'd prefer it to be destroyed than others have it.

I'm in the same boat. My data is not really all the useful to others. But I'd still prefer for it to be destroyed than others have it. Just because I keep bank accounts, passwords, etc on my machine. How much can you sell one poor college kids stuff for? Probably not much. But having that level of security, that I KNOW no one else can get into my stuff, is incredibly satisfying.

If I get my computer stolen, I don't worry about pictures of my kids getting to others, I don't worry about my bank accounts or passwords being compromised, I don't worry about my work documents getting put online (I do research, and don't want my discoveries prematurely exposed). I love not worrying about that stuff.

BUT, you are correct. Backup is also EXTREMELY important. I use duplicity/duplicati type implementations. Where I can do incremental backups that ARE encrypted. So even those get encrypted and stored in three separate locations. Now days, encrypting your backups or your system is so easy, I recommend everyone I know do it.

I love my system. And I wish more people encrypted and backed up their stuff regularly. The peace of mind is worth it. My data is always safe from failures and intruders, whether it be one my system at home, or my backups in other locations throughout the country.

Re:One click for $235

[Alan+Shutko]

I've gone paperless, so I have tax returns, medical info, SSNs, etc on my laptop. Full Disk Encryption means I don't have to worry about it.

With FDE, you have to decrypt it every time you use the computer, so you're not going to forget the password. If you're worried about that, put the password on a piece of paper in a safe deposit box or some other type of storage at home.

Re:One click for $235

[NicBenjamin]

Perhaps he's doing scientific research in the field, or he's got multiple labs. Perhaps the company knows somebody is leaking data from it's network to it's competitor, therefore putting it on multiple desktops that are connected to the company network 24/7 would be bad security. Perhaps the employee is a dick who'll make everyone's life miserable if he can't do his job from his laptop.

And of course, this story is about the military. They can't lock all their sensitive info into a date warehouse in DC. They actually have to use it, in places where you can't get reasonable data speeds even if you get a network set up.

Re:One click for $235

[NicBenjamin]

Damnit I didn't read the article properly. It said Ponemon, and I thought Pentagon.

Re:One click for $235

[NicBenjamin]

Ignore the last paragraph. I could have sworn the Pentagon did the study, but turns out it's Ponemon Institute.

Re:One click for $235

[arth1]

I've gone paperless, so I have tax returns, medical info, SSNs, etc on my laptop. Full Disk Encryption means I don't have to worry about it.

No, that's not what it means. Your data is only safe in that situation if you can guarantee that the encryption key is safe. If, as in most implementations, it is stored on the disk itself, only protected with a password, you're no safer than that password, no matter how strong the actual encryption is.
Did you type it in while at the hotel, trusting them not to have a camera?

With FDE, you have to decrypt it every time you use the computer, so you're not going to forget the password.

Well, that's reassuring.

Re:One click for $235

[The+MAZZTer]

You forgot the cost of data recovery after they forget their password.

Re:One click for $235

[rjr162]

Layers my friend. You just said it yourself without realizing.

This isn't like have 100 locks on the front door. That'd be like having 25 AV apps running on your machine.

This is like instead of having 99 locks, you use two different types (regular lock on the handle and a dead bolt or something along that setup) and then ALSO install bars over the windows.

It's also like having a solid door with lock LOCKED at the top of your steps from the basement, just in case someone forgets to lock the basement door or for whatever reason someone gets in (broken window the squeezed in etc) theres another obstacle to them getting into the main area of the home where you and your family are.

Or to put it another way, this isn't like having 40 fire extinguishers in your kitchen closest, but more like having a few around the house, plus smoke detectors (ion and photo styles or both in one unit) on all levels and in the attic.. And if you have a furnace a carbon monoxide detector in the basement and room above the furnace plus a Heat detector in the area of the furnace etc. (oh and also working with your family on how to get out in such an emergency). (or go all the way and do a sprinkler system)

While the chance of a fire may be small, and it may appear excessive... *should* one occure your ass was prepared and covered and was able to deal with the issue and minimize the damages.

Re:One click for $235

[Lonewolf666]

Errors happen. At first glance I thought "what, Pokemon Institute?".

Re:One click for $235

[arth1]

I thought that the Manning incident showed that the real problem isn't the security, but that people have access to data.
People can never be trusted. There's no way to divide the world into the trustworthy and the untrustworthy. Reactionary witch hunts isn't going to stop humans from doing unpredictable things - with bad intent, or good intent.

This isn't the 1940s where nations intercept radio transmissions, decrypt them, and at their leisure can bomb your submarines as a result. This is 70 years later, where most intel is (or should be) outdated in minutes, not days.

Re:One click for $235

[smash]

You do live in the real world, and deal with real world CEOs right?

Re:One click for $235

[__aagbwg300]

You think that's bad? I thought it was done by the Pokemon Institute.

Re:One click for $235

[DJRikki]

Glad I didnt quote him then ;) Using a stop watch though does seem to fall within his abilities ... barely.

Re:One click for $235

[gnasher719]

The other side of the coin is managing it properly. For example I've had to restore from an unencrypted backup purely because somebody who was managing their own disk encryption had forgotten how to access their files and needed whatever earlier copies were available as a matter of urgency.

Apple found that the most common problem is this sequence: User turns on encryption, user is asked to create a password, drive is encrypted, user never wrote down or remembered the password. There is a simple user interface change avoiding this problem.

Re:One click for $235

[carpefishus]

"lock on the frontdoor but also a fire extinquisher in the hallway" I would have preferred a car analogy.

Re:One click for $235

[bzipitidoo]

The data you're talking about is not private. SSN, seriously? What stinks about something like the SSN is that you are told you have to both keep it secret, keep it away from identity thieves, and you are frequently required to give it out in plaintext for all the things the identity thieves also want to use it for. How many times now have we heard of some company database breach that leaked thousands of customers' credit card numbers and other "sensitive" info? What really is the point of signing your name, when your signature is so easily obtained and forged? It's pure security theater. The system is seriously flawed at a fundamental level. The reason your info is not all over the place is not because you've guarded it well. You can't protect data that's already in many other hands. It's because most people are honest and don't have any use for it.

Banks and governments and the like ought not to rely much on such publicly known information to authenticate people. We're seeing some progress with the availability of one use credit card numbers, but we need a lot more. We could do some kind of digital signature algorithm on a credit card sized device, fairly cheaply. But evidently not so cheaply that banks feel it's worth doing. At the least, they shouldn't expect you to guard those numbers as if they're a huge, important secret. It was certainly made important to you, but it isn't a secret. FDE is overkill for that, but if you're more comfortable using FDE, go for it. Just don't kid yourself that it protects your SSN.

Re:One click for $235

[Just+Some+Guy]

If the information is that sensitive then what is it doing on a portable device in the first place...?

I don't have information that sensitive by a long shot. But I'm currently a contractor who provides my own laptop and I do have some of my employer's sensitive information - pricing plans, campaign strategies, etc. - on my personal computer because that's what I use to do the work for them. I have OS X's full drive encryption enabled and a two-day-old encrypted Time Machine backup at my house. If my laptop gets stolen on the BART, bummer. I have to go fill out a police report, file an insurance claim, and do other inconvenient stuff. And when I bring my new laptop home, I restore it from the backup and I'm up and running again a couple of hours later. The thief has my hardware but not a single byte of my personal or employer's information.

That's a nice situation to be in. If I did lose my laptop, I can tell my supervisor "sorry for the inconvenience while I get a replacement. Don't worry, though; your stuff is locked up and the thief can't get to it." That is infinitely preferable to the alternative of "umm, we might have a problem."

Re:One click for $235

[Shoten]

The TCO of is more than the cost of installing it.

Joce640k is spot-on, and I'll elaborate. Do you really think that most users are capable of being just fine on a Fedora-based laptop? That users will never forget the credentials to decrypt their hard drives? Or that things won't go wrong...like a bad sector, for example? Support and recovery are the most expensive parts of disk encryption, by far. Additionally, in most situations where encryption is in use, there are regulatory mandates like FIPS or PCI DSS in place, and thus there's a need to provide reporting to demonstrate compliance. Checking a box in Fedora is nice, but doesn't give you the management capability and reporting that you get from a commercial solution that has a central point of management. So for a user or two, sure...check the box. For a company or a part of a company? Get a real solution that's manageable at scale.

Re:One click for $235

[bschorr]

It happens quite a bit actually and FDE is an easy and inexpensive way to protect your firm. It's a heck of a lot cheaper than sending letters to all of your customers telling them you may have just lost their personal information.

Re:One click for $235

[Cederic]

I reckon for most people (outside of finance/defence/govt etc) it's overkill

For most people it possibly is. In Financial Services it's an excellent way to prevent the regulator fining you (for far more than the cost of installing/managing it) due to data loss.

You also need to factor in the reputational cost of losing sensitive customer data, whatever industry you're in.

Seriously sensitive data is rare within an organisation, but large volumes of any data tends to have significant value - otherwise people wouldn't pay the costs of collating and maintaining it.

Re:One click for $235

[slew]

handbrake, parking brake?
primary and secondary brake shoes?
primary and secondary brake pistons and fluid reservoirs?
seatbelt and airbags?

Re:One click for $235

[Lord+Ender]

You may have been in IT for 20 years, but you haven't worked at a level that gives you much exposure to security, clearly.

"Data breach from lack of encryption" is a common problem. From a legal standpoint, data on an unencrypted laptop must be assumed leaked if the laptop is stolen or lost. So when HR loses a laptop and has to buy the whole company credit monitoring - that's an expense saved by FDE. The problem is much worse if you have customer data or data worth stealing.

Is one lock enough? Fuck no. The principle of defense in depth exists for a reason. Because in the computer world locks are constantly being picked and break for no reason. You need multiple overlapping (not identical) security measures or you are already owned.

Re:One click for $235

[RedBear]

I've been working in IT depts for roughly 20 years and can't remember ever having issues related to "data breach from lack of encryption". Not saying it doesn't happen, but I reckon for most people (outside of finance/defence/govt etc) it's overkill.
It raises a question, how much security is too much? Do you have a lock on your front door? 3 locks? 45 locks? If you had 100 locks on your door and only locked 99 of them, would this be considered vulnerable? This is how I think of the security industry. One lock is fine. If that doesn't work, then no amount of extra locks will help. The bad guys will simply break a window.

Holy cow that was the most retarded post about encryption that I think I've ever read here, yet somehow it got modded +5, insightful. WTF, Slashdot?

The password you use to login to your computer is like a door lock. Too easily bypassed.

Full Disk Encryption is like building your entire house out of 6 inch thick plate steel, with plate steel shields that descend to protect the doors and windows when you lock the house. And the bad guys only have their hands, feet and a nail file to use to break in with. Overkill in the physical world? Yes. But in the digital world it now costs about the same as not doing encryption, and makes it thousands of times more difficult for the bad guys to get your data.

Your understanding of the relative benefits of digital security vs physical security is really terrible.

Re:One click for $235

[RNLockwood]

My first thought was that FDE which is required on all notebooks at the agency where I work has now made the startup time go from (a long) very few minutes to an excruciating 15 minutes, more or less. For instance it takes that long for the systems calculations of mouse cursor postion to agree with where it appears to be to me and I can't really do any work on the computer until it settles. The passwords are awful, too. I keep mine in an encrypted file on my smartphone - if I remember. Gotta put the username/password in twice, too; once for FDE and once again for Windows (but it used to be three times so that's progress of a sort.)

Re:One click for $235

[pepty]

FTA:

The study found that the most expensive element of FDE is not the hardware or software involved, but the value of user time it takes to start up, shut down and hibernate computing systems while using FDE

Re:One click for $235

[arth1]

Why, of course. But if you do not encrypt, you're no safer than ... uh ... you're not safe at all because an intruder doesn't even need your password to read the data off the disk. Yes, the safety is limited by the password but that's still a huge improvement over non-encrypted setups.

But not nearly as safe as keeping the key external, not just a password that can be cracked at the leisure of anyone with access to the HD or a copy of it.

To feel safe, as the GPP said, I think TPM, a fingerprint reader and a required password, all combined, would help. Just a password? Not so much.
But then again, it depends on how strong the desire or need is to keep the data confidential. Some might want a polarized display filter too.

Re:One click for $235

[CmdrMcGriddle]

Well its not for every computer in the org. It depends on what the machine is used for and what data is stored on it instead of a server. Good network storage and security can go a long way. Like say, using what has been in windows since NT 3. Time of day restriction. If the regular user / cubicle dweller does not access the office or remote in out side of normal hours then disable that pc's and local account and remote access for out of hours. It SOUNDS like a lot to manage, but it is just a bit of labor, no need to buy anything new.

Re:One click for $235

[dkf]

I've gone paperless, so I have tax returns, medical info, SSNs, etc on my laptop. Full Disk Encryption means I don't have to worry about it.

As long as you also have backups (with whatever encryption on them that you desire/need) as well, you're right. But don't underestimate the power of disks to fail. I've had a disk fail on me once, and I only lost a week of work (and thankfully most of that was committed to an external source repository, so it wasn't actually lost at all) because I had a backup on an external device. If you're keeping stuff that it is important to retain a copy of, make an extra copy. (Do it, do it today!)

Data security is not just about protecting against malicious humans.

Re:One click for $235

[haruchai]

Let's not forget that it has to work and the admin has to know that it's working properly.
This is not a trivial task.
We use WinMagic's SecureDoc on 10,000+ Windows PCs and while it's worked pretty well, we've had a spate of unusual problems - users hibernating their laptops at the office, going home and then being unable to resume or thousands of PCs that were supposed to have only read-access to USB keys / external drives suddenly having full or partial write access.

There's also an overhead, significantly higher than what the vendor claims, that is clearly demonstrable between an encrypted and unecrypted PC - our best guess is an interaction with McAfee.

Re:One click for $235

[dkf]

Did you type it in while at the hotel, trusting them not to have a camera?

Why are you taking high-security data to a low-security location in the first place? You fail Security-101.

Re:One click for $235

[icebike]

I love my system. And I wish more people encrypted and backed up their stuff regularly. The peace of mind is worth it. My data is always safe from failures and intruders, whether it be one my system at home, or my backups in other locations throughout the country.

Chances that your data will be stolen over the net probably exceed the chance of physical theft by a factor of 10.
Full disk encryption doesn't help this, and anything that can be foisted into your system will have disk access.

This is where the fallacy in TFA manifests itself.
The risk is the network connection, not the drive.

Re:One click for $235

[Rich0]

Does Fedora actually support passwordless full-disk encryption (ie the key is in the TPM)?

This can certainly be done on Linux, but the only "distro" I've seen that uses it is ChromeOS. Actually, I'm not completely certain that it even uses it (profiles might just be encrypted with the Google password - which isn't nearly as good).

Most distros just use LUKS, and that isn't nearly as good as full-disk encryption. If the user forgets the password (or refuses to give it to the computer owner) the drive is lost, and so on.

Re:One click for $235

[TarPitt]

Full Disk Encryption means I don't have to worry about it.

Until a minor disk flaw renders the entire drive unrecoverable

Re:One click for $235

[arth1]

1. Full-disk encryption with a strong password completely protects you against a number of realistic threats, such as a sophisticated criminal acquiring your laptop from a thief and using private information to conduct identity fraud.

"completely"? I would think that a sophisticated criminal would be able to run truecrack or similar against it - or even rent a botnet or cloud service that does it for you.

Re:One click for $235

[Tetch]

MOD PARENT UP

It's the least we can do to make up for the lousy moderation he's quite rightly complaining about.

Re:One click for $235

[smash]

Thats exactly the sort of information I'm talking about. Our internal expenses, pricing plans, strategy etc would be a huge advantage for a competitor to get hold of.

I would suggest that your average MD / CEO will have all sorts of similar information in their Outlook OST file, PST files, spreadsheets and draft word documents. They tend to work on information such as this (even checked out/cached versions of the network share) whilst on the road.

If you think the typical high level business stakeholder doesn't have similar stuff on their laptop, you're deluded.

Re:One click for $235

[tlhIngan]

I am expensive, but not that expensive. I don't charge a customer $235 to click a full disk encryption check box while installing Fedora Linux. Maybe I should...

I understand full disk encryption, but actual usage of a customer provided laptop (to meet their security requirements) has given that cost to be on the "low' end.

First, we've suffered odd "delayed write failures" on Windows when we acquired a set of brand new i7 laptops. It mostly affects our VirtualBox disk images, and gotten so bad some of my coworkers lose half a day while they delete the old disks, reinstall the VirtualBox Appliance image (which lays down a preinstalled OS image so we're up faster) and reconfigures everything, including removing the appliance provided disks and restoring a backup of the disk files. IT did some things which mostly restored things, but it took several days.

Next, we came into some oddball BSoDs which IT a week later figured it was an interaction between a Windows update, the disk encryption software, and the virus scanner. Worse yet, not everyone saw the BSoD - as part of the investigation in the first issue, my system got updated to the new virus scanner which solved my delayed write failure problems. So I never saw that, while IT was figuring it out.

In the end, the blame fell int he combination of FDE software, antivirus, and monitoring software.

Of course, they don't use TrueCrypt, which I think would've solved half the problems...

Re:One click for $235

[Tastecicles]

a bullet would render any drive unrecoverable, encrypted or not... your point?

Re:One click for $235

[Havenwar]

If people want my DATA enough to go after me with a wrench, I'll give up my password before they even lift it. Well, either that or I've gotten involved with something really fucking weird. Anyway, that's not the standard use-case here... People want my laptop. It's expensive. Odds of getting my laptop stolen are a lot higher than anyone taking half an interest in what's on it.

But when they've stolen it, I'd rather they were forced to do a re-install to use it, rather than give them for free, without an effort, the bonus of banking details and personal information as well as private correspondence, which they are likely to stumble on while looking for my porn stash. (Not that I bother hiding it.)

These people won't be coming after me with a wrench to find out what's on the encrypted drive... they'll re-format and move on. Anything they would have found would have been a bonus, but it was the hardware that lured them into it from the start and that's what they'll focus on. Meanwhile if I'm encrypted I get a new machine on the insurance, restore from backup, and is safe and sound. If my data was unencrypted... well, then I'd have to go through the process of changing every password, securing my finances as best I can, protect myself against fraud and identity theft, and explain the loss of private pictures to the people on them, and so on.

I don't think you are quite assessing the right risks here. It's not about being safe in the extreme case of people wanting your data, it's about your data being safe in the much more likely case of someone getting access to your hardware.

Re:One click for $235

[Havenwar]

Yes, but with a strong password they can keep doing that for the rest of your natural life and still not get in. So it's a non-issue.

Re:One click for $235

[bluefoxlucid]

You're silly. Nobody is going ot physically steal your shit. They're going to hack your computer and take it while the disk is decrypted by the OS drivers.

Re:One click for $235

[lsatenstein]

I've gone paperless, so I have tax returns, medical info, SSNs, etc on my laptop. Full Disk Encryption means I don't have to worry about it.

With FDE, you have to decrypt it every time you use the computer, so you're not going to forget the password. If you're worried about that, put the password on a piece of paper in a safe deposit box or some other type of storage at home.

What happens if your computer mother-board is fried, and you buy a new machine, plug-in the encrypted hard disk as a second drive?

Does the system ask for a password when it should be mounted? Realise it is not the primary boot disk

Depends on the data, doesn't it?

Doesn't it make a HUGE difference what that data is?

Re:Depends on the data, doesn't it?

[Joce640k]

Heretic!

Re:Depends on the data, doesn't it?

[Antarius]

Why do we need to encrypt an 18 year old game that has had the source code released? ;-p

Truecrypt TCO

[nereid666]

Does it cost Truecrypt TCO $403 year? for a company with fewer of 50 employees? I know Trucrypt don't have, enterprise functionality, like admin and user password, integration with identity management, but I thik 403$ year only in support and maintenance, using this opensource and free solution. And It is very difficult to meause the value of the information of a laptop.

Re:Truecrypt TCO

[neokushan]

Truecrypt is fantastic software. I find it's a lot easier to use and understand than Microsoft's Bitlocker (What's that about a TPM module? Do I need a USB stick or not? So many questions!) and it just works.

Re:Truecrypt TCO

[bertok]

The main difference between Truecrypt and Bitlocker is that the latter allows transparent decryption, which is very hard to solve without special hardware (TPM). Additionally, Bitlocker has automatic key escrow to Active Directory, but Truecrypt can only do the same kind of thing manually, which is useless when managing large numbers of computers.

If you can trust your users to remember passwords, Truecrypt is much more secure. Similarly, Bitlocker can be made more secure as well if you set it up to require a passphrase during boot, without which it keeps the unencrypted key on the machine. The TPM chip is supposedly tamper-proof, but I bet there's at least one three-letter agency with a back door!

Re:Truecrypt TCO

[DamnStupidElf]

If you can trust your users to remember passwords, Truecrypt is much more secure. Similarly, Bitlocker can be made more secure as well if you set it up to require a passphrase during boot, without which it keeps the unencrypted key on the machine. The TPM chip is supposedly tamper-proof, but I bet there's at least one three-letter agency with a back door!

The TPM is worthless as long as the consumer hardware and operating system are piles of security vulnerabilities. Once the TPM has given up the keys to the OS it's usually trivial to find a privilege escalation or dump the RAM with a firewire/PCI device or just do a cold-boot attack.

Real Costs

[HateBreeder]

Did he factor in the costs of the reduced IO performance?

Re:Real Costs

[M1FCJ]

Compared to the disk transfer rates, negligible.

Re:Real Costs

[pthisis]

At least partially:

"The study found that the most expensive element of FDE is not the hardware or software involved, but the value of user time it takes to start up, shut down and hibernate computing systems while using FDE. "

But this study doesn't pass the smell test. Take this, for instance: "The cost savings from reduced data breach exposure was $4,650." Imagine that FDE takes the risk of data breach on a stolen disk from 100% down to 0%. And imagine that any given computer has a 1% chance each year of being stolen by someone who's going to exploit the data on it (rather than just reformat it and sell or use it). Both of those are very generous estimates.

The average value of a lost computer to my company--either in terms of profits lost or competitor's profits gained--would have to be $465,000 for the math to work. Which as a median doesn't make sense.

If it's a mean, it only makes sense because there are a handful of computers whose value is tens or hundreds of millions of dollars counterbalancing the vast array of other computers worth far less--but if that's the case, the right solution probably isn't to lump all machines together for analysis purposes, it's to segregate out the high-value targets and treat their security differently from the low-value targets.

Re:Real Costs

Not when you're using an SSD.

Re:Real Costs

[felipekk]

Another important question is "Who pays for each of those figures?".

The user obviously "pays" for the $235 dollars in TCO, but if the government/industry is the one paying for the $4650 then we have a disconnection between the interested parties, which could make it harder to convince the consumers to adopt this technology.

Re:Real Costs

[neyla]

Agreed on the smell-test. No matter how good a security-measure is, it cannot save more money than is lost without it. (i.e. the best possible security is 100%)

Thus for FDE to save $4650/computer/year, the current cost of data-loss that would be avoided with FDE must be atleast the same amount.

There's about 100 million computers sold annually in USA, essentially none of which have FDE. The average computer is used for atleast 3 years. The total *current* cost of data-losses must thus be atleast: 100M * $4650 *3 = $1395 billion/year.

That doesn't pass the smell-test. It would mean the losses add up to $12500 a year for each household, which is utterly ridicolous.

Re:Real Costs

[MtViewGuy]

That would be true in the past, but today with most hard drives running Serial ATA-II interfaces, the performance hit is not as bad as it used to be. And with SSD drives, the performance penalty is negligible.

Re:Real Costs

[smash]

Depends on your CPU. Modern CPUs with AES in hardware can likely do SSD transfer speed at line rate.

Re:Real Costs

[smash]

No, those are POTENTIAL losses. And in a $13tn economy, potential loss of 1.3tn if every computer in the economy was compromised and data was leaked doesn't sound unreasonable?

Re:Real Costs

[leehwtsohg]

Well, you have to also include the gain to the competitors.

Re:Real Costs

[pthisis]

According to the article, they're the average actual losses, not potential. If the potential losses were $4650 and the actual annual cost of FDE was $235, then you'd need to believe that every computer has a 5% chance of being stolen and exploited every year in order for FDE to be worth it; the article would have to conclude that FDE isn't worth it for the average machine in that case.

By ginning up a ludicrously overstated actual loss, though, they're able to make FDE look like a total bargain--at least until you start thinking about it enough to realize the numbers are cooked.

Re:Real Costs

[Zero__Kelvin]

In which case disk I/O really isn't your bottleneck anyway, now, is it?

Re:Real Costs

[tomhath]

1% chance each year of being stolen by someone who's going to exploit the data on it (rather than just reformat it and sell or use it)

A 1% chance of a lost or stolen laptop might not be out of line. This study was about protecting corporate data, not Aunt Minnie's recipe collection. You need to assume the data will be exploited if it can be.That means investigating what was on the drive, changing passwords, possibly informing various government agencies, etc. The cost of lost financial or medical data adds up very quickly even if the machine was wiped and sold on eBay.

A company I worked for about 10 years ago did a full audit of all PCs; they couldn't find somewhere around 25,000 machines. Lost, stolen, misplaced, decommissioned and scrapped with no record, etc.

Re:Real Costs

[Just+Some+Guy]

The average value of a lost computer to my company--either in terms of profits lost or competitor's profits gained--would have to be $465,000 for the math to work.

Unless you work in a regulated industry that can fine the living crap out of you for releasing confidential information. OK, OK, stop laughing. I know that anyone wealthy enough to have access to that much personal information will be wealthy enough to get a written warning instead of a fine, but hypothetically they could be penalized.

Re:Real Costs

[neyla]

That's not true. If that was the case it'd make no sense comparing the *actual* costs of FDE ($235/computer/year) with the *potential* losses. You'd need to multiply the latter with the estimated likelihood of that loss to get an average loss, and the study makes no such attempt, instead it concludes that FDE is a big win because $235 is less than $4650.

Ponemon Institute

A recent study conducted by the Ponemon Institute shows that the expected benefits of FDE exceed cost by a factor ranging from 4 to 20

But it's definitely worth it if you don't want your Ponedex to be stolen.

Am I the only one that read...

[yourtallness]

A recent study conducted by the Pokemon Institute... :-P

Re:Am I the only one that read...

A recent study conducted by the Pokemon Institute... :-P

What's vastly more worrying is that I did read it as Pokemon institute, but thought nothing of it until you pointed it out.

Re:Am I the only one that read...

[Psychophrenes]

+1

User still a risk point

[N1AK]

One issue with IT security is that policies and security measures like this are only one small part of the picture. My partner works in a government affiliated company and has to use FDE for all PCs. Because of how they have implemented it they virtually all still use the default key (which wasn't random) and if you change it then you thwart the original intent of having quasi-hotdesks.

Passwords written on desks, stuck to the screen etc are common in many places. Sending files off-network to places like dropbox or email to get around security 'hassles' is widespread. The owner of my current firm wants to use an iPad, because we won't let it on network he does most email from a web email account!

FDE with rubbish passwords is entirely pointless as anyone with motivation to get in can. If you start requiring complex passwords the risk of people writing it down and storing it with the PC increases. We need to stop thinking about security as a technical issue and work out how to produce 'secure enough' systems which users don't subvert or misuse.

If removing security breaches is worth nearly $5k a year then surely using some kind of RFID security card that must be near the PC/Laptop to unlock would be cost effective. I could keep it in my wallet or as a keyring. Even better would be combine it with a RSA style password device for two-factor authentication when providing a password (thus making less complex passwords less of an issue).

Re:User still a risk point

[VoiceOfSanity]

Let me state that the company I work for had not one, but two instances where the loss of a non-encrypted device could have potentially led to a data breach. In this case the data was personnel data for the company, some 100,000+ employees. *THIS* is what forced the company to do a company-wide encryption of all computers, including servers. Yes, it meant a slight slowdown when data was being accessed and decrypted, but it was better in the long run for protection of company information.

The use of full disk encryption is just one layer of security the company has installed. By itself it gives a measure of protection, but in combination with others (such as disabling user name/password login for Windows 7 and making people use a card and a PIN to log into the computer) minimizes the chances of another loss of data. It doesn't fully eliminate it, but it reduces it significantly.

As for recovery of data on an encrypted drive, we have to send that drive to a group within the company, who are the only folks allowed to have the necessary keys for decrypting a drive. The previous software (which was used on Windows XP) had a challenge/response code that needed to be entered before decryption, but the new software under Windows 7 is locked down so that local IT support cannot decrypt a drive. Yes, it's an expensive package, but the company is willing to spend the money considering how much in proprietary and government information they have to keep controlled at all times.

Re:User still a risk point

[Phroggy]

...Surely using some kind of RFID security card that must be near the PC/Laptop to unlock would be cost effective. I could keep it in my wallet or as a keyring.

Or affix it to the laptop with a piece of tape, so you wouldn't have to worry about not being able to get your work done in case you forget your wallet or your keys. :-D

Re:User still a risk point

[Just+Some+Guy]

My partner works in a government affiliated company and has to use FDE for all PCs. Because of how they have implemented it they virtually all still use the default key (which wasn't random) and if you change it then you thwart the original intent of having quasi-hotdesks.

That kind of stuff drives me crazy. OS X's FileVault does this right by 1) encrypting the drive with a user's own password, so they pretty much have to remember it, 2) providing a recovery key that IT can store somewhere for later recovery if the employee gets hit by a bus, and 3) optionally registering the recovery key with Apple so that they can decrypt it for you (which might be nice for non-paranoid end personal users, even if most companies wouldn't want to use it).

Here's more information about enabling FileVault. While I've mentioned FV a couple of times in these comments, I'm not in love with it or anything. It's just that it works well and conveniently, and if other manufacturers can't do the same, then it's a problem with their implementation and not the concept in general.

translation

[Hazel+Bergeron]

'After doing all of the math,

"After applying some simplistic formula"

Ponemon

"the guy promoting his firm with this /. article"

found that the cost of FDE

"without specifying any important parameters such as number of computers or environment in which they are used"

on laptop and desktop computers

"but noting that some were laptop and some were desktop because that makes the result sound a little more convincing"

in the U.S. per year

Encryption is a lot more expensive in Scotland. They can always look up yer kilt and ken yer keys!

was $235,

If this were a porn moneyshot, TFA author would now be panning away from the dick and squirting liquid soap everywhere, seemingly drenching the victim.

while the cost savings from reduced data breach exposure was $4,650.

Or $100,000, or life imprisonment, depending on your particular situation. Statistics: on average, not very useful.

Re:translation

[ciderbrew]

SPOILER ALERT PLEASE

If this were a porn moneyshot, TFA author would now be panning away from the dick and squirting liquid soap everywhere, seemingly drenching the victim.

You mean it's not real???

Re:translation

[AmiMoJo]

In other news a car manufacturer calculated that it would be cheaper to pay compensation to people killed by faulty parts than to issue a recall.

Clearly the cost of a data breech needs to be much, much higher.

Re:translation

[fustakrakich]

"Safety doesn't sell" - Lee Iacocca

I'm rich!

[mwvdlee]

...$235, while the cost savings from reduced data breach exposure was $4,650.

I've got an old laptop lying around that's not doing anything.
Last thing I did with it was a clean install of a win8 beta.
You say if I encrypt it's harddisk, it saves me over four thousand US$?

Re:I'm rich!

[smash]

Yup, it will pay for 3 new machines with AES in hardware!

Average or median?

[teg]

It would be interesting to see the median cost savings, vs. average cost savings. For most, I'm guessing that the cost would be rather low - less than the cost of new hardware and setting the system up again if you lose it - but that you have some extreme outliers.

That said, for OS X, Red Hat Enterprise Linux (and similar for others, I'm sure) and Windows 7 it is trivial to enable.

Share your experiences

[Compaqt]

It would be handy if people could share their experiences with encryption.

Good, bad, ugly.

E.g., is it better to encrypt your home directory (as Ubuntu gives you an option for), or the whole disk?

Has anyone had a problem where you were unable to access your encrypted home directory or drive?

Does encryption increase the possibility that a small problem on a single sector of a disk will render the whole volume unreadable?

What about using encryption along with various levels of RAID?

In some circumstances, I'll connect a harddrive via USB. If you disconnect it, sometimes Ubuntu won't let you access the encrypted volume again until you physically turn on and off the drive (or, sometimes, reboot). Stuff like that makes me fearful.

Re:Share your experiences

[AmiMoJo]

It is best to encrypt everything. Otherwise you have to worry about keeping secure data in secure areas. For example if you just encrypt your home directory then the system temporary file locations could end up storing some of your data in plain text as it is processed. The page file/swap partition are good examples.

There is more risk of your data becoming unreadable, but that is what you keep backups for.

Re:Share your experiences

[Dodgy+G33za]

If only it were possible to design an operating system that kept all user data in one place but apparently a fundamental law of physics states that this is not the case.

Re:Share your experiences

[fa2k]

Full disk is probably better, but it should be sufficient to encrypt /tmp, swap, /var/tmp.

Without full disk encryption are also more vulnerable to attacks where the attacker installs a keylogger or back door on the non-encrytped part. The difference is only in the amount of work that the attacker has to do, as there is always some part of the bootloader that remains un-encrypted. Windows Bitlocker provides additional protection against this by using the TPM. In reality, though, you should wipe the hard drive and possibly discard the whole system if it got taken by an attacker and then returned to you (if this is a concern, never leave a laptop in an insecure place).

eCryptfs, commonly used for home directory encryption, encrypts files individually on the fly and then stores the encrypted files on an un-encrypted file system. The file names are encrypted, but an attacker still has access to approximate file sizes, directory structure, etc. A more important downside of eCryptfs is that it has a significant performance penalty relative to full disk encryption. This is especially noticeable when scanning the directory tree, such as when using rsync. The reason for the difference is that eCryptfs has to access the header of every file (not sure about the exact terminology, some API call).

For plain LVM software RAID or hardware RAID it should be sufficient to encrypt the virtual RAID device. This is faster than encrypting the constituent drives individually.

Truecrypt recommends against using SSDs because the wear-leveling algorithm can cause old data still to be present in flash, even when logically deleted. When using a new drive without any unencrypted data, it should be fine to use an SSD, at least when considering the scenario of someone stealing the device.

For advanced filesystems with built-in RAID, like btrfs and ZFS, you can't encrypt the virtual RAID'ed device. The choice is between encrypting the underlying drives individually, causing more work for the CPU when writing, and using eCryptfs, causing more random reads when scanning through directories. In the first case, the attacker will have access to approximately the same plaintext encrypted with different keys, but there is no known attack where that is an advantage.

Re:Share your experiences

[fa2k]

As you were asking for experiences, I use TrueCrypt for my laptop and eCryptfs on the desktop, along with LUKS encrypted swap and /tmp on a tmpfs.

More importantly, *use long passwords* ! Systems like TrueCrypt try to make offline attacks difficult (see the docs)

1000 iterations (or 2000 iterations when HMAC-RIPEMD-160 is used as the underlying hash function) of the key derivation function have to be performed to derive a header key, which increases the time necessary to perform an exhaustive search for passwords (i.e., brute force attack)

It's still an offline attack, meaning that someone can image your drive and have at it, without you even knowing (again, they would probably be better off installing a key logger in this case though). There are huge databases of passwords on line, and it's possible to design dictionary-based attacks which are much more efficient than brute force.

Re:Share your experiences

[jroysdon]

I used to be fearful, about 5 years ago. The first step is to make sure you have a really solid backup plan. I have a home server which I use rsnapshot to to store rsync diffs. This can be performed as often as I like (hourly, once per boot, weekly, etc), or even automated (I don't as I don't want the hassle of having to wait for a backup to finish before I shutdown/hibernate).

Once you think you have a solid backup plan, pretend you just lost your hard drive. The best method is to have a second system (or second hard drive, and swap out your real one) to which you will restore to and not touch your original. Once you truly know you have everything backed up and don't need anything from the original system, move to encrypting your disk.

Oh, and what good is encrypting your disk if you don't encrypt your backup? Naturally you want to trust your backup to be solid (especially during system upgrades/migrations when the originaal is at risk), so you're going to want to have two backup devices. Server + external USB hard drive is a nice solution. I'm a big fan of offline storage (only servers have to have the key in memory and thus have the encrypted data available), so I have two external USB hard drives which I rotate. Fire or other disasters may happen, so I rotate that external hard drive to work, then bring the one at work back home. Worst case I may lose 2 weeks of data (which would be minimal, as any major changes of data trigger a home/work external hard drive swap). Take a step further and have a third hard drive you keep off site at a family member's house 30+ miles away (thinking flood plains here). Rotate taking a drive to that location and bringing it back on family visits.

Ok, sorry to digress. Now, when I install, since I know I'm not going to lose any data, I do full encryption on all newer systems that aren't "budget" boxes. I've got a number of hand-me-down laptops (P4, other pre-Intel Core processors, etc.) that the family uses, which still work just fine for simple school research, writing a report, etc. For these systems, I partition things out and encrypt: /home /tmp /var/tmp swap. The rest is part of / and not encrypted for performance reasons.

I've been doing this for 5 years and a dozen laptops and 5 external USB hard drives and never had a problem due to disk encryption. Many of my laptops don't detect the battery power accurately any more, so I've had a handful of sudden "off" situations where the system shutdown uncleanly. Never been a problem and once the disk is decrypted ext4 does it's thing and I keep going.

I have had a failed hard drive in that time. I typically keep the OEM OS and resize it and keep it set to dual-boot so I can "troubleshoot" with the manufacturer. The nice thing about having all my personal data encrypted is that when I had a failed drive, I had no worries sending it back to them as I knew they could not access anything.

I too have run into the issue with Linux not wanting to automatically re-mount the drive when I plug it back in. I also have manual scripts to do all the LUKS scripts (for this reason, and also on my servers which have no GUI, or when using a recovery CD where I want to know exactly how to access my data), and those will work in cases like that.

Here are the rough notes:
# http://wiki.centos.org/HowTos/EncryptedFilesystem

losetup /dev/loop7 /dev/sdb1
cryptsetup luksOpen /dev/loop7 secretfs7
# password prompt here
cryptsetup status secretfs7

#/dev/mapper/secretfs7 is now active:
# cipher: aes-cbc-essiv:sha256
# keysize: 256 bits
# device: /dev/loop7
# offset: 2056 sectors
# size: 3907021946 sectors
# mode: read/write

mount /dev/mapper/secretfs7 /mnt/usb7/

#########
umount /mnt/usb7/
#cryptsetup remove secretfs7
cryptsetup luksClose secretfs7
losetup -d /dev/loop7

Re:Share your experiences

[jimicus]

The operating system itself isn't the problem.

Sure, you could (on Unix at least) limit yourself to encrypting /tmp, /home, /var (in case some dozy app developer decided to write passwords out to a logfile), / (in case some dozy application requires a plaintext password in /etc) and the swap partition. But by this point you may as well encrypt the lot and have done with.

Worth it?

[GeekWithAKnife]

Well, sure, the probability is such and such and YET you cannot say for sure if your data will be stolen tomorrow. What is your data worth to you? One would have to weigh the costs of data loss compared to the cost of protecting it, some data is worth X. It's X because we cannot always calculate what it would cost for the data to be seen by the wrong party. How much is it worth to encrypted bomb blueprints as another layer in protecting against it falling into the hands of a possible threat? how do you quantify that? So if full disk encryption worth it as opposed to what? not using encryption? hardware encryption on disk? software? The probability that only the person who owns the data can tell you if it's worth it is very high indeed. It may be worth far more than everything that person owns.

Data loss

[tempmpi]

What about the cost of data loss because users forget their password?

Re:Data loss

[jsse]

What about the cost of data loss because users forget their password?

Don't worry, that's what super-admin password is for! ....did I just say that out loud?

No kidding

[Sycraft-fu]

In a corporate environment, you have to have some kind of key management system. You can't do FDE with a free utility that is just "Enter the password to get in to the computer." Well why not? Tow big reasons:

1) What if the person suddenly up and dies, and you need to get at the data? A backup won't help if said backup is also encrypted with the same password that only they knew. You need to have a system to get in.

2) More commonly, what do you do when a user forgets their password? This happens ALL the fucking time. People cannot remember passwords, just how it is. Just losing data is not an acceptable answer, so you have to have a system that can get in.

Now there are systems out there like that. They have central key stores, key recovery facilities and so on all while maintaining cryptographic security. However all the ones I've seen cost money. Then on top of that is the cost of administering such a system.

As an example at work a lady forgot her password, as she is known to do on days ending in "y". So she couldn't get in the encrypted laptop that has key codes for the doors (she deals with that). She also hadn't put the laptop on the 'net in like a year, so it was all desync'd with the Active Directory. This meant my boss couldn't log in to do any kind of override. So he had to hook it up, go through this key recovery thing where the console give you a bigass key to enter in to the system, then get it to sync passwords, then he could log in and get everything working. Took a fair bit of time to do.

You have to count all that kind of thing in cost calculations. You can't pretend like it isn't a cost. Yes you already pay his salary but he has about 5,000 other thing to be doing that weren't being done while he worked on that. Needless to say if this were being used for more than a couple systems (we only use it in special cases) it would quickly need one or more people who's job was to administer it and deal with all the problems caused by it (meaning by users).

Re:No kidding

[bertok]

Now there are systems out there like that. They have central key stores, key recovery facilities and so on all while maintaining cryptographic security. However all the ones I've seen cost money. Then on top of that is the cost of administering such a system.

Security only costs extra if you had nothing to begin with, which basically never happens. Any corporation with data worth stealing is likely to have Active Directory, which has a convenient key escrow functionality built right in.

If you've already purchased Windows Server and have standardized on Windows 7, then full disk encryption with all the goodies is just a few button clicks away, and costs nothing but the 60 minutes it takes to read through the relevant technet articles and then setting a few settings in group policy.

She also hadn't put the laptop on the 'net in like a year, so it was all desync'd with the Active Directory.

That's not her fault, that's the IT department's fault. That laptop can't possibly have been properly patched, its data synchronized, or up-to-date security policies applied. That should have rung alarm bells in the system, or locked her out until she did synchronize successfully.

Which can be done wirelessly these days. From home. Using transparent VPNs that require zero user interaction. All of which can be monitored centrally.

So he had to hook it up, go through this key recovery thing where the console give you a bigass key to enter in to the system, then get it to sync passwords, then he could log in and get everything working.

Wait, wait, wait.. let me get this straight: she failed to authenticate properly with the system for something like a year, which then correctly locked her out after the timeout expired, protected the data on her laptop, allowed you to recover the data as designed, and all of this required just a few minutes of typing? And to top that off, the security system insisted that her hopelessly out-of-date credentials cache be updated to verify her account?

OH MY GOD THE HORROR! The hassle! Why doesn't the crypto system just fall dead and recognize how important this lady is and unlock all of her data, despite her ongoing blatant violation of IT security policy! The nerve of Microsoft for designing such a thing! Next thing you know, they'll insist that you use passwords to log on to computers! Can you imagine?! We just won't be able to get any work done around here any more!

Clearly this is all just a giant conspiracy to drain valuable IT resources.

You have to count all that kind of thing in cost calculations.

Additional electricity due to use of AD Policy Driven Bitlocker encryption: $57.35
One hour support call to fix non-compliant user's locked out system: $197.50
Incompetent IT team: $457,350.00
Potential lawsuit due to leaking user data: Priceless.

Yes, you do have to factor that kind of thing in, you're right.

Re:No kidding

[RaceProUK]

*points to joke*

Re:No kidding

[yotto]

As an example at work a lady forgot her password, as she is known to do on days ending in "y".

Not to be a complete smartass, but what day doesn't end with a 'y'?

Not to be a complete smartass, but that's the joke.

Re:No kidding

[bjorniac]

"Tomorrow", for one.

Anti-joke-chicken-mode:
OP was using hyperbole, all day names end in "y", hence he's implying that the lady at work forgets her password every day.

Re:No kidding

[Cytotoxic]

Well, that was certainly a snarky reply for someone who doesn't understand the point Sycraft-fu was trying to make. He was talking about the TCO calculations and why "you can get full disk encryption for free with Fedora" isn't really applicable in a corporate environment. Not complaining that "it's really hard and a complete drain on IT resources".

The article includes these costs in their TCO calculations, and indicates that the largest expense is in lost user time due to slower boot times, sleep times and most importantly - lost productivity due to lost passwords. Sycraft-fu's example is perfect for this scenario as the laptop with the key-codes for the door was inaccessible for some period of time. Likely a few hours, since she probably futzed around trying to remember the password for a while before getting over to IT for help. Then she had to wait for the authorized manager to recover her password and sync to the AD. He said you have to factor in user mistakes (like forgetting the password) as a cost of full disk encryption. He's right.

Your straw man about a "giant conspiracy to drain valuable IT resources" is just plain silly.

Re:No kidding

[1s44c]

As an example at work a lady forgot her password, as she is known to do on days ending in "y".

Not to be a complete smartass, but what day doesn't end with a 'y'?

Christmas. Oh and Easter.

The point is she forgets her password a lot.

Re:No kidding

[bertok]

You also missed my point, which was that the FDE (in combination with everything else involved) was doing exactly what it was intended for.

The cost overheads are negligible, and the article massively overstates them.

FDE, like passwords, are only a problem in environments with poor IT practices.

For example, I hear people go on about how "password management" is an "expensive headache" all the time. However, I only hear that in environments where the IT department failed to consolidate to a single directory system, and every password reset becomes a nightmare of synchronization, replication delays, incompatible password rules, and account lockouts. Meanwhile, in competent IT land, a password reset takes seconds and never fails.

FDE is similar. When used incorrectly, it requires extra steps and is a royal pain in the ass. I've seen some government environments that insist on using proprietary software to encrypt everything, including USB sticks, which then end up copying files at 100KB/s. That was because they were using old operating systems that didn't have Bitlocker built-in, and they picked the "cheapest" encryption product instead of the best. Had they simply kept up to date with new operating systems (which they were licensed for anyway under maintenance), they could have had a low-overhead system that you'd have to benchmark to notice.

He said you have to factor in user mistakes (like forgetting the password) as a cost of full disk encryption.

Except that normally Bitlocker is transparent to the user, and doesn't require a password. Hence, not an expense.

The password he was referring to was the recover key held in Active Directory, which doesn't require memorization. If you're resorting to recovery keys, then it had better be an unusual scenario, like a user who hasn't synchronized in a year.

It's a lot like complaining that passwords are an "overhead" because people who haven't been given a password can't access the system!

The lady's scenario is perfect. If she hadn't logged on for a year, it would be at least an hour or two to bring her computer up to scratch anyway. At the very least, it's going to require a couple of reboots worth of patches, a virus update, a full disk virus scan to be sure, and probably significant application package updates. Having to type in a 48-digit recovery code on top of that is going to add what, a couple of minutes tops to a multi-hour process? That's maybe $5 of employee time in exchange for hugely stronger security.

Re:No kidding

[tgeek]

Don't forget to add in the cost of redeploying Win 7 Enterprise to all those laptops your predecessor let get into users hands with Win 7 Pro preloaded by the manufacturer.

Re:No kidding

[tgeek]

That's assuming your PHB is like my PHB and refuses to consider any alternative to an available MS product . . . Bitlocker in this case.

Re:No kidding

[plover]

There's another cost the article didn't consider. That is the risk of losing the data due to the failure of a poor FDE implementation.

Our story is that we still have a lot of XP machines that are protected by our corporate-chosen FDE system, McAfee's Safeboot. Not that long ago some HQ team rolled out a BIOS upgrade. Turns out that on our development team's machines, which are some big honking desk towers (not portable laptops that tend to be stolen in coffee shops), the BIOS upgrade nuked Safeboot's ability to load its keys. So we had a dozen developers lose their boxes thanks to FDE. Of course extra special thanks go out to the corporate numbskulls who were "just following policy" when they allowed the faulty BIOS upgrade to continue after discovering the first bricked system a day early!

One dozen developers times 40 hours each to rebuild their dev environments, plus whatever projects they were on falling behind by a week each, that's a lot of money wasted. And the risk they averted? These towers are the opposite of portable. They're cabled to the cube walls, and the cases are padlocked shut. They have source code on them, not customer data. In short, these are among the least risky boxes in the company, in terms of the types of losses FDE is intended to guard against.

Of course, if you carry the math all the way through, this screwup only added a few dollars to each FDE (maybe from $388 to $392 or so) yet the overall risks of loss by theft remain at $4650, so it's still a net positive to have FDE. But it sure is a pain in the ass.

Re:No kidding

[QuantumRiff]

BTW, The "normal" Corporate version of Windows 7 does not include BitLocker support. You need the "extra spendy" Version.

My company was supposed to be part of a "Case Study" with Microsoft on Bitlocker, but ended up skipping it, and going with another product. Reporting and monitoring was a nightmare. The only way you could tell if it was done encrypting a drive was to look at the local pc, if I remember right. Which really sucks with a very mobile work force. Also, key recovery was possible with Active Directory, but did not work properly in things like Windows PE. I'm sure many of those have been fixed, but at the time, it was pretty basic.

it depends

[smash]

on a modern cpu with AES hardware acceleration, the cpu cost is minimal. if you have valuable data, you'd be negligent not to enable it.

Re:it depends

[kholburn]

http://www.reallydodgy.org/ -->
Http/1.1 Service Unavailable

Yep, really dodgy

Re:it depends

[smash]

note: slack

Re:it depends

[wvmarle]

My data is really valuable. To me.

And for that reason, I don't encrypt. I don't want to forget my password and have everything inaccessible.

For most of the rest of the world, the photos and so that I value so much, don't have much value, if any at all. I'm not even going to put it on ftp to let the world mirror it, because I don't think there are even enough people interested in mirroring those files to make that work.

Re:it depends

[lpq]

I've not seen any AES accelerated algorithms give better than
~125-140MB/s. On SSD's with 400-600MB/s throughput.

That means just on single SSD's you get 300% greater performance
than with.

On a RAID, it gets worse. A HD raid can easily get to 1-2GB/s, so the
unencrypted to encryption encumbered rate is more like 800-1500%.

With SSD based raid -- that goes up to 3000-4000% of our speed being thrown away.

How is that not expensive?

Re:Truecrypt FTW

[smash]

So, how well do you stand up to beatings/torture, tough guy?

Re:Truecrypt FTW

[Rogerborg]

I love giving police the finger when they demand to see what's on my laptop

And in your fantasy, does the Lady Cop say "Oh, Mr Neckbeard, your fingering is so... virile," then bow-chicka-wow?

There's nothing so sad as preparing for an apocalyptic showdown with The Man, when The Man could not possibly care less about you or your data. Encrypt, don't encrypt, you've got more chance of being eaten by badgers than subjected to a search-and-seizure.

Funny view you have there

In our (European) company FDE was rolled-out because we are obliged to protect customer information.

No, not because company was scared of the penalties.

It's kind of funny how US businesses quantify it all.

Re:Funny view you have there

[tomhath]

we are obliged to protect customer information

What happens if you don't fulfill that obligation? No penalty if data is compromised?

Re:Funny view you have there

[gweihir]

I believe under UK law, that we have a responsibility to 'reasonably' protect data, which is basically, what ever the solicitors can argue is reasonable! Because of this, we decided that reasonable was to enable full disk encryption on all showroom computers, all laptops, and all company mobile phones.

Your argument hints that this may actually have been sort of an ethical decision. From my experience, US companies are not aware of than angle.

Re:Funny view you have there

[gl4ss]

we are obliged to protect customer information

What happens if you don't fulfill that obligation? No penalty if data is compromised?

penalties vary from nothing to having the operation closed down. of course if you're a government official loosing a laptop full of social security data then nothing.

Re:Funny view you have there

[wvmarle]

Well, of course. As much as many people would love to, shutting down the government is not a practical option.

Re:Truecrypt FTW

Not quite true. If they can prove that the laptop belongs to you, and use it regularly, and disk seems encrypted, and they have a court order to be able to access the disk, then your can probably find yourself in contempt of court for not decrypting it.

Truecrypt full disk, nearly 5 years

I truecrypt, full disk encryption, had it for nearly 5 years on XP. No noticeable problems, no noticeable slowdowns.

I also truecrypt my USB drives, I don't see the reboot problem you list with Ubuntu, and yes I have removed them sometimes without remembering to dismount them (and yes you will still get corrupt files if the flash is removed before it's written the file out), it doesn't fix your own mistakes.

But that said, it doesn't give me any issues. None.

Recently had the power supply replaced on my PC, and repairman wanted the password to check 'my computer was working'. I declined to give me the password for a replacement PSU. Glad I had my HD encrypted.

Re:Truecrypt FTW

[Tastecicles]

you offering?

Re:Truecrypt FTW

[Tastecicles]

No one is bound to answer any question if the answer thereto would, in the opinion of the judge, have a tendency to expose (him) to any criminal charge, penalty or forfeiture which the judge regards as reasonably likely to be preferred.
  - Established precedent over 1100 years of Common Law, from the Code of Alfred 870 to the Fifth Amendment of the US Constitution.

In Saunders v UK (ECHR), according to which "the right not to incriminate oneself does not extend to the use in criminal proceedings of material which may be obtained from the accused through compulsory powers but which have an existence independent of the will of the suspect, such as, inter alia, documents acquired pursuant to a warrant, breath, blood and urine samples and bodily tissue for the purpose of DNA testing".
This would only extend to a passphrase which exists outside the mind of the defendant. It would be on the prosecutor to prove that such a document exists to obtain an order against which refusal would result in a finding of contempt. Therefore, no court can force disclosure of a passphrase which exists only in the grey matter of one individual.
  - Also established precedent (NG08C10148, in camera and compartmentalised).

For those who are about to fire the thought-ending cliché, "What, do you have something to hide?" Why, yes I do. The nature of that material is nobody's business but mine, and if you think it's of an illegal nature, it's on you to prove it beyond supposition and paranoid delusion - "beyond reasonable doubt" as is required in a criminal process. But do NOT expect me to help you or feed your fantasy.

Re:Truecrypt FTW

[cpghost]

If you live in a fucked up police state where this is considered possible, you have more problems to care for than merely encrypting data.

Warranty void if unencrypted

As far as I'm concerned, storing any confidential data on a hard disk unencrypted effectively voids the warranty, because there's no way I'm going to send a drive containing sensitive data away for warranty replacement.

$235?

[krsmav]

Whose ass did they pull the $235 figure out of? The software is free, the installation takes a few minutes and it's transparent thereafter. The big but (pun intended) is how to deal with a major crash or a forgotten password. If your backup is also encrypted, you're SOL. I'd keep an unencrypted backup on a hard drive in an eSATA external dock, back up daily and put the drive in a safe every night. This was the standard procedure years ago when the backup medium was tape. You had three tape cassettes and rotated them.

Re:$235?

[__aaltlg1547]

TFA said it was mostly lost time due to your computer running slower.

World renowned Dr. Ponemon?? Never heard of him.

[gweihir]

And I have been in the security field for > 20 years. I think this is just another PR stunt. Any data reported is highly suspect. That is not to say data encryption is not worth it, just better not use this "study" to demonstrate it.

Re:Truecrypt FTW

[brusk]

Actually the law is still up in the air on this in the US. Judges have, in the past, held that a defendant was not obligated to reveal a password. There is no "law" about this, it's mainly interpretation of the 5th Amendment.

Re:World renowned Dr. Ponemon?? Never heard of him

[brusk]

Or perhaps more kindly: even if the data are completely accurate, they're averages that don't necessarily apply to every, or even any, particular case. I can't make a decision about something like this on the basis of what the mean or median cost/benefit would be, but only of what (as best I can estimate them) my own are.

Re:Truecrypt FTW

[Tastecicles]

Threatening someone with jail* for withholding a passkey which only exists in the mind of one individual is coercion. Established case Law.
Evidence (including confessions whether taped or written) obtained through coercion is inadmissible hence any conviction so obtained through coercively obtained evidence is unsafe. Also established case Law.
Following that, no person may be tried twice for the same crime, unless and only if there is "new, compelling reliable and substantial evidence" that was previously unavailable and the Court of Appeal decide that the evidence is sufficient to warrant a new trial (Criminal justice Act 2005). Such evidence if it is of a digital nature on an encrypted hard drive or other storage device will only ever come to light if the passkey is surrendered or in the equally unlikely event that the Universe doesn't die a heat death before the police manage to crack it.

*The maximum penalty for contempt in England is two years, except in cases under the Terrorism Act which carries a maximum penalty of five years. I should familiarise you with the prohibition on consecutive sentences contained in section 265 of the Criminal Justice Act 2003 and the residual application of section 116 and 117 of the Powers of Criminal Courts (Sentencing) Act 2000, which means that the court cannot impose a two year sentence on someone for refusing to disclose information then do it again in two years when the first sentence is up, rinsing and repeating. This would also fall afoul of the prohibition on cruel and unusual punishment which is International Law.

Re:Truecrypt FTW

[Tastecicles]

...and with that phrase uttered, you are then required to prove that you've forgotten it.

Fucked up, but there it is.

(actually it's fairly easy - claim torture. Game over).

I've worked with it off and on for years

[onyxruby]

I've worked with it off and on for years. Back around 99 when I first started working with it in finance we had about a 1 day hit just to encrypt the drive and a noticeable loss of speed once it was done. We could only encrypt certain computers that were powerful enough and you really had to justify doing it on a case by case basis.

Fast forward several years and technology has improved to the point where frankly most users couldn't tell if you encrypted their drive or not.

The overhead to run encryption on a drive anymore in around 3-7% the last time I ran the numbers. Your guilty of neligigence if you don't run encryption on a laptop, with desktops is the small hassle to recover a key /really/ that big of a deal?

Where I work we actually get desktops stolen about as often as laptops, and with Bitlocker it's all transparent to the user. Why not? I'm looking for similar tools for my mac's (50/50 mix of mac's and windows if anyone has any good suggestions).

Wildly inflated

[__aaltlg1547]

'After doing all of the math, Ponemon found that the cost of FDE on laptop and desktop computers in the U.S. per year was $235, while the cost savings from reduced data breach exposure was $4,650.'

The average cost savings from data breach exposure is not $4650 generally. Since the vast majority of companies don't employ FDE, the average losses per year per computer used in business would be approximately $4000. So taking the approximately 100 million computers used in business in the USA (yes, that's a UWAG), that puts the losses to business at about $4 billion per year. I'm not buying it, nor am I buying that the most efficient way to prevent this is FDE. I think it may be valuable in certain industries, e.g. finance and banking where the bulk of your data is of high value to potential thieves, or in medicine or law, where the disclosure of your data may get you sued.

For the rest of us, it's sufficient to have locks, passwords, firewalls and security settings that keep people from hacking your computer.

Re:Truecrypt FTW

[smash]

You mean, like in the US? You only have to be declared a potential terrorist and its all fair game.

Silly numbers

[GPLHost-Thomas]

I have just calculated that these numbers are crap. They don't make sense, and they come from nowhere. My dm-crypt device costs me nothing...

- licensing: zero, it's open source
- maintenance: maybe 5 more minutes at setup time?
- device pre-provisioning: WTF?
- device staging: same
- tech time spent on password resets: zero. This is real encryption, there's no such thing available as "password reset", there's only a passphrase which cannot be recovered. If it can, then this means you have zero security
- end-user downtime spent during password resets: zero
- cost associated with re-imaging hard drives: never happened. I use RAID1 BTW.
- end-user downtime associated with initial disk encryption: well, I went have lunch when it was writing random stuff at initialization. No time wasted.
- end-user time spent operating an FDE-enabled computer: WHAT???

Anyway, using an encrypted HDD should be mandatory in every company. That's the very basics of security...

Re:Silly numbers

[gnasher719]

- tech time spent on password resets: zero. This is real encryption, there's no such thing available as "password reset", there's only a passphrase which cannot be recovered. If it can, then this means you have zero security

Nonsense. For example, Apple uses three keys: 1. The actual encryption key for the disk. It is never accessible to the user, it is stored in encrypted form on the disk, and by overwriting that portion of the disk, you can wipe a disk within milliseconds. 2. The master key. This key is used to decrypt the real key. It's a long hex number; you can write it down _and put the paper in your safe_. You'll never need it unless you need to do a password reset. 3. The user's password. The user has a password which is used to recover the master key. Multiple users can have different passwords. The password can be changed at any time without having to re-encrypt the data, because it is only used to decrypt the master password.

So you can do password resets, but only if you have the master key. Which is used _only_ for that purpose.

Re:Silly numbers

[Cederic]

So you can't reset your password, but you have no costs with re-imaging hard drives?

You've just confirmed that you never ever forget your password. Work for an organisation with more than one employee, and promise that everybody will maintain your impressive record.

Your personal experiences do not translate into a complex multi-user environment.

Re:Silly numbers

[GPLHost-Thomas]

You've just confirmed that you never ever forget your password.

I don't forget my *master* password, the one of my partitions. The others, I don't need to remember them, they are stored on my encrypted partition... That's *one* password to remember. I believe everyone is capable of that.

Re:Silly numbers

[Cederic]

Again, this approach is not suitable or appropriate for a multi-user environment. Stop trying to discredit numbers that apply to a more complex scenario than the one you enjoy.

Re:Silly numbers

[GPLHost-Thomas]

It's self-discrediting, it doesn't even need my help. Have you even read TFA? It's really laughable. Some of the % wont even have a meaning.

it depends on your "risk"

[RobertLTux]

For 98% of the viewing audience having a house with High Power Electrified Fencing and a pack of Tibetan Mastifs/Wolves in the yard surrounding a Stone House with Blast Doors with internal sector doors would be way to much effort BUT for that 2% it might not be enough.

questions to be asked for FDE

1 Is it better to LOSE the data than have it compromised?
2 How secure are your backups?
3 Are YOU SURE to COURT OF LAW levels your backups are secure and reliable??
4 Are the keys kept safe??
5 Can your staff be "DD" hacked?? (mostly applies to Male Staff members but similar hacks will apply otherwise)
6 How good is your FDE solution?? (has it been HACKED YET??)
7 is there a second key that can be used to decrypt?? (or a Master key)

im sure there are other questions but that should be the top 7 questions

FAIL...over FDE-cost prohibitive when

[ElitistWhiner]

Algorithm updates render FDE ForeverDiskEncrypted

Performance hit is unacceptable

[DaDaDaaaaa]

Why are some people saying that there is no noticeable performance difference? I have used it on my Thinkpad with a Core 2 Duo from 2011 (AES to get the fastest performance) and with a hard drive it slows down all the time, making me believe that my computer is 7-8 years older. It slows down so bad when looking at a Flash video that it is practically unusable. When I use a SSD it is much better but there can still be very big problems. If I have to scan or decompress a file that's too big, most of the time the whole system will freeze. For a corporation that deals with extremely sensitive information this is fundamental. Else, it has benefits I'm sure, but it's a total pain.

Re:Performance hit is unacceptable

[Just+Some+Guy]

It slows down so bad when looking at a Flash video that it is practically unusable.

Think I found the problem.

Re:Performance hit is unacceptable

[Tetch]

I have a workstation at home sporting a Phenom II X4 3.2GHz CPU and 8Gb 1333MHz RAM, running a Linux host OS using LUKS to provide FDE. This host OS is running VirtualBox to provide various VMs (Windows, Linux) and the performance of all VMs is pretty much instantaneous on all UI requests, and pretty damn zippy at workloads such as compiling.

The WinXP VMs (I give them 2Gb of "RAM" and 1 CPU core) are faster than any WinXP I've ever experienced on Real Hardware; boot to logon prompt takes 10 seconds, & shutdown from being logged in takes 8 seconds. I use one of those WinXP VMs for all my Youtube and DVD video watching needs, without any stutter of any kind. I run KDE4 in several of the Linux VMs, and it's very fast. I don't have any Win7, but a Win8 Preview VM takes 12 seconds to boot, and about 3 to shutdown [once you've figured out how to request shutdown that is :)]

Whatever the performance hit of the FDE is, I'm really not aware of it.

Re:Performance hit is unacceptable

[Zemplar]

FDE isn't noticeable with the proper CPU. My old ThinkPad, also with a Core 2 Duo, was also horrid with FED. My new ThinkPad, with AES function support in the CPU, doesn't break a sweat with FDE and I can't notice it, even with a fast SSD.

Re:What the fuck are you on about?

[bingoUV]

Just install Fedora's disk encryption, it's free!" doesn't work in a corporate environment

But it does. Unless you define corporate environment as one with dumb sysadmins.

If you think that TrueCrypt or the like will do the trick you are in for a nasty surprise

Fedora uses LUKS. Which lets you add a big-ass key , possibly supplied from a file, in addition to the key typed in by the user every time they boot the machine. True crypt also has the feature, BTW, so your rant about TrueCrypt is also false.

Re:Truecrypt FTW

[Tastecicles]

Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001.

Ker-ching!

Re:Truecrypt FTW

[smash]

Have you kept up to date with the law in your country at all?

On Linux, everything but /boot

[IBitOBear]

I don't encrypt /boot for obvious reasons, those being that I like to boot my computer.

I have had zero problems.

I use LUKS and a decent pass phrase.

I reboot often enough that the chance of me forgetting my disk password is essentially zero.

That law of physics being

[IBitOBear]

Users are too stupid.

Actually, for large definitions of one place, like "on the hard drive" this is already done.

Therefore the disk should be encrypted.

Re:Truecrypt FTW

[IBitOBear]

Theft or loss is more likely. In a proper police state, they already have you under surveillance so they already know your pass phrase.

First rule of paranoia, don't save what you don't want found.

Second rule of paranoia, why are _you_ asking _me_... what do you really want? I will not be deceived! I want to see the birth certificate of the guy who says the birt certificate is real! There never were any towers to start with, we can tell from the pictures of the so-called "moon landing" because the shadows on the newspaper don't match the shadows under his nose...!

8-)

Which Country

[IBitOBear]

Current precident in this U.S. of A. lets you "accidentally" loose your right to remain silent by, get this, "not talking". And you can "lose" your Fifth Ammendment Rights also by "answering _any_ question" (like "what is your name") in some contexts, such as being before a grand jury.

This isn't constitutional, but you will be held to it anyway.

The rule of law is bent to beyond breaking in many areas, including the right to remain silent and the right to free speech etc.

Don't depend on the law alone... only in immense piles of cold hard cash can you trust here under the law.

Cost Comparison is a Strawman

[dila813]

Cost is of full disk encryption vs no encryption what so ever. Full Disk Encryption requires better hardware and premature hardware failure. Do a real study, compare encrypted user directories vs full disk encryption.

Re:What of FileVault 2?

[lpq]

Cost is performance deterioration.

As more programs are adapted for the Mac environment, I see more code being put in to SLOW down I/O, because it's easy for a single user program to lock up the Mac and make it unresponsive by programs doing full-speed I/O.

The same does not happen on my Windows or Linux machines -- Linux being much better about partitioning out I/O than Windows, but it would appear that even Windows is better than the Mac for multi-task I/O.

The Mac's disc encryption is not only costing Mac users time and money, but the entire industry -- making it poor choice unless you really need it.

But more and more, I'm seeing disk-limiters being put in to programs because the Mac OS doesn't do a good job of managing I/O and it's users are usually very vocal. Then those crap laden programs get passed into the high performance PC and linux world's where it's just
garbage.

Infographic on Full Disk Encryption

[WinMagic+Social]

In August, our friends at WinMagic released the results of a survey they conducted with the Ponemon Institute where they examined the Total Cost of Ownership (TCO) for full disk encryption. To make this information even clearer, they’ve now created a handy, easy to reference infographic that makes the concept much easier to understand. We all know how important data encryption is for technology users and leaving your data unsecured can be a huge risk to your business. If you think your readers would find this interesting, we would love for you to share it on your blog. Please visit http://blog.winmagic.com/2012/09/04/making-the-case-for-data-encryption/ to view their infographic.