[FDE] hardware accelerated full disk encryption

[coderman]

On 11/8/06, Saqib Ali <docbook.xml at gmail.com> wrote:
> I personally don't see a need for using FDE solutions on a NAS or a
> SAN device. Remember after the device is online FDE is pretty much
> useless, all the data is available in  "decrypted" form.

some reasons network storage should be encrypted:

- theft of storage arrays is a legitimate concern.  not as pressing as
other security risks, but it has happened and the volume of data
involved in such a loss is significant.

- maintenance / disk replacement.  many companies must be sure that
any data on drives used in a storage array is inaccessible when
returned for service / replacement.  traditionally this is done with a
degausser, but such explicit methods are prone to human failure /
insufficient opacity.

- disk based backup solutions.  i prefer to use a RAID1 for personal /
SOHO storage, and can perform an archive for off site storage by
pulling a drive, and inserting a replacement.  i no longer need to
worry about security of data on the backup disk sent to a remote
location.

any others i missed?

best regards,