WinMagic’s Garry McCracken discusses the encryption capabilities that are built into Linux, the gaps in protection/compliance risks, and what companies can do to address them.
When it comes to server
protection, many enterprises overlook physical security risks. The common
myth is that because the servers are in a data center or otherwise behind lock
and key, and because the data is in perpetual use, encrypting the drives is unnecessary,
as the data is never at rest.
That’s particularly
troublesome. All drives eventually leave the data center for repair or
disposal, and having them encrypted is the best way to protect the data from
unintentional exposure. And with the enormous number of breaches in the
news and compliance regulations – GDPR, HIPAA and California’s Consumer Privacy
Act and the like – the prudent advice is to encrypt everything, everywhere, all
the time.
Linux
has built in encryption for several years now. So why, then, are enterprises
still struggling with their encryption efforts?
To
answer this question, let’s review the disk encryption capabilities that are
built into Linux:
dm-crypt
dm-crypt
is a transparent disk encryption subsystem within the Linux kernel. It is
a block device-based abstraction that can be inserted…