I run several systems using vmware or one of the alternatives; all the guest OSes run encrypted partitions (requiring password to boot). Generally, it makes it difficult even with physical access to gain access to the files. Similarly, I prefer Truecrypt on Windows (* cringe *) machines.
In either case, all the machine's issue/login screen clearly state access to the machines are restricted to the rightful owner and any other access is a violation. I've never had a problem with any colo facility before; while I've been asked on various occasions for the root password, I've provided the vm server's root password once (when a hardware / power supply failure occurred). Obviously, the password was changed as soon as the boot occurred and I compared md5 hashes of all files on disk (for trojans). Whenever outages occurred, I'd bz2 a few log files and send them over; I've received valid responses such as this failed or that failed or "we pulled the wrong cord". However, I've also received lies such as "our accountant didn't send uunet their check this month" but then they've come clean. However, never did they bring down a working machine to mess with it.
My advise, regardless of what you choose for file encryption, I'd suggest you immediately leave that 4th rate provider.
Slashdot Mirror
I run several systems using vmware or one of the alternatives; all the guest OSes run encrypted partitions (requiring password to boot). Generally, it makes it difficult even with physical access to gain access to the files. Similarly, I prefer Truecrypt on Windows (* cringe *) machines. In either case, all the machine's issue/login screen clearly state access to the machines are restricted to the rightful owner and any other access is a violation. I've never had a problem with any colo facility before; while I've been asked on various occasions for the root password, I've provided the vm server's root password once (when a hardware / power supply failure occurred). Obviously, the password was changed as soon as the boot occurred and I compared md5 hashes of all files on disk (for trojans). Whenever outages occurred, I'd bz2 a few log files and send them over; I've received valid responses such as this failed or that failed or "we pulled the wrong cord". However, I've also received lies such as "our accountant didn't send uunet their check this month" but then they've come clean. However, never did they bring down a working machine to mess with it. My advise, regardless of what you choose for file encryption, I'd suggest you immediately leave that 4th rate provider.