You're accustomed to protecting "data in motion," but what about "data at rest"?
Executive Summary
Do you fear a major data breach at your company? If so, you should be using a Full Disk Encryption product. To get started, begin by taking a look at three FDE products—Microsoft’s BitLocker, PGP's Whole Disk Encryption, and WinMagic’s SecureDoc—that can keep your data safe on your key servers.
Through all kinds of mechanisms and protocols—such as IPsec, L2TP and SSL—you can now protect your data as it moves from one network to another. However, because we're seeing more and more breaches in the form of lost or compromised data residing on servers or desktops, data “at rest” is getting a lot of attention. Many servers holding vital corporate data are connected to the outside world. Indeed, the notion of a server isolated from outside access is increasingly a thing of the past. Remote management has become commonplace, and the need for servers to communicate with other servers opens more ports and potential vulnerabilities.
Of course, your first defenses should be tight user controls, well configured firewalls, and application-layer protections. However, for your most important information, you need to practice defense in depth: Some sensitive data carries the potential to severely harm the company if it were stolen, so you need to do something more. Consider that several large companies face legal action or bankruptcy following breaches of this type. For example, a couple of years ago, hackers stole more than 40 million customer credit card numbers from TJ Maxx servers, costing the parent company over 17 million dollars—a number that's sure to rise as numerous, related class-action lawsuits are resolved.
Additionally, some industries might actually be required by law or industry regulation to encrypt certain data, regardless of whether it's in motion or at rest. An example is the PCI Data Security Standard for credit card merchants, which requires that stored cardholder data (the card number in particular) be rendered unreadable wherever it's kept, which in practice means encrypting it. Another example is the 2006 OMB memorandum that directed federal agencies to encrypt sensitive data on laptops and other mobile devices.
If the thought of a major data breach doesn’t cause you to lose sleep, it should—unless you're one of those forward-thinking types already using Full Disk Encryption (FDE) to protect your key machines. (By the way, any organization using encryption should have—and strictly enforce—a Cryptographic Controls Policy to cover any use of such tools in the organization. To learn about the key elements to consider in this regard, see the web-exclusive sidebar "The Importance of a Cryptographic Controls Policy," InstantDoc ID 101549.) To get you going, I'll provide a quick FDE overview, followed by a look at three FDE products that can keep your data safe on your key servers. I'll also review some key factors and decision points to consider while selecting the right solution for your company.
How FDE Works
Rather than deal with individual files and let users decide what's sensitive or not, FDE encrypts nearly every bit written to the hard disk, presenting an unreadable wall of random-looking data to any thief who manages to gain control of the disk. Most FDE products accomplish this by installing their own pre-boot environment in place of the normal boot sector: the system can't even load the OS until a user (or a hardware key) has authenticated and the decryption key has been released. FDE uses symmetric (i.e., secret key) encryption, typically AES, for the data on the disk because it's fast. The data-encryption key itself is never stored in the clear; it is wrapped (encrypted) under one or more key-encryption keys, each derived from a pass-phrase, sealed in a hardware module, or, with some products, encrypted to a user's public key. This layering keeps the fast symmetric cipher on the bulk-data path, and it means that a pass-phrase change or a key recovery touches only the small wrapped key, not the whole disk. One caveat matters especially for servers: FDE protects data only while the volume is locked. Once the server has booted and unlocked the disk, the key is in memory and the OS hands plaintext to any process that asks, so FDE does nothing against an attacker who compromises the running system over the network.
Another advantage of FDE is that, because it sits below the file system, it generally covers the paging file, temp files, the hibernation file, and other ephemeral data that most users (and even most administrators) don't think about protecting. Several high-profile exploits have taken advantage of the data stored in these areas, especially on laptops in suspend or hibernate modes. Note the difference between the two: a hibernated machine writes memory to a file that FDE encrypts and then powers off, whereas a machine in standby (sleep) keeps the decryption key in RAM, so a stolen sleeping laptop is only as protected as its memory contents are.
One FDE misconception that keeps many companies from considering it is that it creates unacceptable overhead that will negatively affect server performance. Some disk-encryption products suffer from this problem, but thanks to technology improvements and a general increase in processor speed, most products now induce only a minimal performance hit. With FDE, you can typically expect a 3 to 5 percent performance degradation on general workloads. If you experience substantially more than that, suspect your configuration or your software solution rather than accepting it as the cost of encryption.
3 FDE Products
There are many data-encryption options available. In fact, the breadth of the market can seem bewildering to the average administrator. With that in mind, I'll briefly review three contemporary products—Microsoft’s BitLocker, PGP's Whole Disk Encryption, and WinMagic’s SecureDoc—each of which has strengths and weakness for different applications. (To read about factors to consider to ensure a successful implementation, see the web-exclusive sidebar "Choosing the Right Encryption Solution," InstantDoc ID 101550.)
BitLocker. Few people are aware that Windows has offered file encryption built right into the OS for quite some time. It's called the Encrypting File System (EFS), and the best thing about it is that it's free. However, EFS doesn't encrypt the whole disk: it encrypts only the individual files and folders that users or administrators mark on NTFS volumes, and it can't protect system files, the paging file, or the hibernation file. The next generation of built-in OS encryption from Microsoft is the BitLocker technology built into Windows Server 2008 and the Ultimate and Enterprise editions of Windows Vista, and it's designed to support FDE.
BitLocker operates at the OS level and lets you encrypt the volume on which Vista is installed (Vista SP1 and Server 2008 also let you encrypt additional data volumes). You can use EFS to encrypt files on other volumes. Because BitLocker is available only on Server 2008 and Vista, hybrid Windows XP and Windows 2000 environments seeking an enterprise-wide solution are out of luck. And, of course, UNIX and Linux aren't supported. (Other solutions, such as PGP's Whole Disk Encryption—see below—cover more platforms.) The management tools for deploying BitLocker are also sorely lacking right now, although third-party products might come along to simplify this process. However, on an individual server level, BitLocker works seamlessly and without user intervention following setup. The setup is dirt simple: Simply download and run the BitLocker Drive Preparation Tool, which creates the small unencrypted system partition BitLocker boots from. The wizard-driven utility walks you through the rest of the FDE-setup process.
The wrapped keys reside in the volume's own metadata on the local system, but you can optionally keep the key that unlocks them (a startup key) on removable media. That way, the key and the data it protects aren't stored on the same disk, a nice option that negates one of the potential weaknesses of this setup. BitLocker's largest advantages are this option and the price. The biggest disadvantage is that key recovery and administration hinge on the local administrator account. BitLocker's volume key isn't tied to any user's logon password; it's protected by one or more "key protectors" (TPM, TPM plus PIN, startup key, recovery password), and anyone with administrative rights on the running, unlocked system can list those protectors, export the 48-digit recovery password, add a protector of his or her own, or simply turn encryption off. Therefore, if a malicious user manages to compromise your box to the point at which the user gains local administrator privileges, the "game is over" for that volume, startup key on a USB stick or not. Even without the administrator account, code running as LocalSystem has the same reach. In short, BitLocker defends the disk after it has been powered down and carried off, not the server while it's running.
Not too many large corporate deployments are 100 percent Vista yet, so that circumstance might limit the use of this technology as a company-wide solution. Another dependency is that BitLocker expects a hardware element known as a Trusted Platform Module (TPM). The TPM is a chip on the motherboard that holds the key needed to unlock the volume and releases it only if the boot components it measured (firmware, boot loader) match what they were when the key was sealed, so a tampered boot path or a disk moved to another machine stays locked. However, these chips are nowhere near universally deployed and are mostly found in higher-end business laptops. BitLocker can run without a TPM by using a USB startup key instead (a Group Policy setting must allow it), but either way, a hardware element must be considered in any solution.
PGP's Whole Disk Encryption. PGP has suffered its share of ups and downs, but it's still the gold standard for personal encryption. PGP also offers many solutions for servers and the enterprise, including its FDE product, called Whole Disk Encryption. If you've used PGP's personal encryption software and the "web of trust" model, PGP brings a certain familiarity. However, the company's enterprise products are quite different from the quaint, free software that Phil Zimmermann released over a decade ago. One benefit of Whole Disk Encryption is that it integrates nicely with PGP's other encryption products and can be managed centrally through the company's Universal Server (running on Linux, by the way). But that strength can also be a weakness: If you want to centrally manage your Whole Disk Encryption implementation, you must have the Universal Server for management and enroll users through it, adding complexity to the process.
Whole Disk Encryption's support for more than one OS makes it a good choice for environments that run a variety of server platforms. And PGP's many other products offer solutions for other media and applications such as USB drives and email. PGP also supports virtual encrypted disks.
WinMagic's SecureDoc. WinMagic offers a Windows-specific FDE solution called SecureDoc that includes some impressive management tools. Its encryption—AES 256 bit encryption with SHA-2 for hashing—is also pretty robust. SecureDoc supports two-factor authentication for accessing encryption keys; most products rely on passwords or pass-phrases only. And any hacker worth his salt knows it's much easier to brute-force or guess the pass-phrase than the actual encryption key: a 256-bit key has 2^256 possible values, whereas a typical pass-phrase is drawn from a space small enough to search offline once the attacker has a copy of the wrapped key. Most encryption schemes are therefore only as good as the pass-phrase, which is often not complex enough or is improperly handled—for example, written down somewhere in the vicinity of the machine or worse, kept in an unencrypted Microsoft Excel file on the host itself. That's like keeping your house key under the doormat! Every thief knows to look there, but people do it anyway.
Another difference is that SecureDoc doesn’t utilize a master recovery password. Instead, it keeps a record of all keys handed out, then offers a one-time key to unlock each set of key files. This way, you don’t have a master key to protect and potentially lose, putting all your encrypted disks at risk. However, this approach can make key recovery more complex for both users and managers. WinMagic is also the priciest solution of the three products represented here.
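The key hierarchy described under "How FDE Works," the separately stored key discussed for BitLocker, and the pass-phrase and per-volume recovery points made for SecureDoc, pulled together as one added example. This is illustrative code written for this article, not code from BitLocker, PGP or WinMagic. It assumes a random 256-bit data-encryption key (DEK) per volume, wrapped under key-encryption keys that come either from a pass-phrase stretched with PBKDF2-HMAC-SHA256 or from a random recovery key; an HMAC-SHA256 counter-mode keystream stands in for the AES-XTS a real product uses, so the script runs on the Python standard library alone, with the sector number mixed in as the tweak. The sector contents, the iteration count, and names such as EncryptedVolume and guess_passphrase are constructed for the example.

```python
"""FDE key hierarchy model: bulk data under a DEK, the DEK under key protectors.

Added example, standard library only. The bulk cipher is a stand-in (HMAC-SHA256
in counter mode, XORed over the data) for the AES-XTS a real product would use;
the key-management structure, which is the point here, is the same either way.
"""
import hashlib
import hmac
import os
import struct

SECTOR_SIZE = 512
KDF_ITERATIONS = 50_000  # assumption: PBKDF2 work factor for pass-phrase protectors


def keystream_xor(key, tweak, data):
    """XOR data with a keystream bound to (key, tweak); the same call encrypts and decrypts.

    The tweak (sector number, or a nonce when wrapping a key) enters every block, so
    two sectors holding identical plaintext do not encrypt to identical ciphertext.
    """
    out = bytearray()
    for counter, start in enumerate(range(0, len(data), 32)):
        block = hmac.new(key, struct.pack(">QQ", tweak, counter), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[start:start + 32], block))
    return bytes(out)


def wrap_dek(kek, dek):
    """Key-protector blob: nonce || DEK encrypted under the KEK || HMAC tag."""
    enc_key = hashlib.sha256(b"wrap-enc" + kek).digest()  # separate subkeys for
    mac_key = hashlib.sha256(b"wrap-mac" + kek).digest()  # encryption and MAC
    nonce = os.urandom(8)
    body = nonce + keystream_xor(enc_key, int.from_bytes(nonce, "big"), dek)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()


def unwrap_dek(kek, blob):
    """Return the DEK if the tag verifies under this KEK, else None (wrong secret)."""
    enc_key = hashlib.sha256(b"wrap-enc" + kek).digest()
    mac_key = hashlib.sha256(b"wrap-mac" + kek).digest()
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        return None
    return keystream_xor(enc_key, int.from_bytes(body[:8], "big"), body[8:])


def passphrase_kek(passphrase, salt):
    """Stretch a pass-phrase into a 256-bit KEK; the iteration count slows each guess."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, KDF_ITERATIONS, 32)


class EncryptedVolume:
    """Sectors encrypted under one DEK; the DEK exists on disk only in wrapped copies."""

    def __init__(self, sectors):
        self.dek = os.urandom(32)  # generated once, never written to disk in the clear
        self.disk = [keystream_xor(self.dek, lba, s) for lba, s in enumerate(sectors)]
        self.protectors = {}  # name -> (salt or None, wrapped DEK): on-disk metadata

    def add_passphrase_protector(self, name, passphrase):
        salt = os.urandom(16)
        self.protectors[name] = (salt, wrap_dek(passphrase_kek(passphrase, salt), self.dek))

    def add_recovery_protector(self, name):
        """Wrap the DEK under a fresh random key and return that key for off-box storage.

        Each volume gets its own recovery key, so no master key exists whose loss
        or theft exposes every disk.
        """
        recovery_key = os.urandom(32)
        self.protectors[name] = (None, wrap_dek(recovery_key, self.dek))
        return recovery_key

    def unlock(self, name, secret):
        """secret is a pass-phrase (str) or a recovery key (bytes), per protector type."""
        salt, blob = self.protectors[name]
        return unwrap_dek(passphrase_kek(secret, salt) if salt is not None else secret, blob)

    def change_passphrase(self, name, old, new):
        """Re-wrap the DEK under the new pass-phrase; the encrypted sectors are untouched."""
        if self.unlock(name, old) is None:
            return False
        self.add_passphrase_protector(name, new)
        return True

    def read_sector(self, dek, lba):
        return keystream_xor(dek, lba, self.disk[lba])


def guess_passphrase(vol, name, candidates):
    """Offline dictionary attack on a pass-phrase protector, the weak link described
    in the text: the 256-bit DEK is out of reach, a four-digit PIN is not."""
    for guess in candidates:
        if vol.unlock(name, guess) is not None:
            return guess
    return None


def demo():
    # Constructed sector contents: one record plus two identical all-zero sectors.
    plain = [b"cardholder table".ljust(SECTOR_SIZE, b"\0")] + [b"\0" * SECTOR_SIZE] * 2
    vol = EncryptedVolume(plain)
    vol.add_passphrase_protector("operator", "1234")
    recovery_key = vol.add_recovery_protector("recovery")  # keep on USB/escrow, not on the server
    guessed = guess_passphrase(vol, "operator", ["0000", "1111", "1234", "2580"])
    disk_before = list(vol.disk)
    new_phrase = "correct horse battery staple 2008"
    vol.change_passphrase("operator", "1234", new_phrase)
    return {
        "identical_sectors_differ": vol.disk[1] != vol.disk[2],
        "weak_pin_guessed": guessed,
        "old_passphrase_rejected": vol.unlock("operator", "1234") is None,
        "new_passphrase_unlocks": vol.read_sector(vol.unlock("operator", new_phrase), 0) == plain[0],
        "recovery_key_unlocks": vol.read_sector(vol.unlock("recovery", recovery_key), 0) == plain[0],
        "rekey_left_sectors_unchanged": vol.disk == disk_before,
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

Every check prints True except weak_pin_guessed, which prints the recovered PIN. Two things to take from the last entries: a pass-phrase change or a recovery re-wraps a few dozen bytes of metadata and never touches the sectors, and a recovery key stored on the same disk as the blob it unwraps adds nothing, which is why keeping BitLocker's startup key on removable media, as recommended above, matters.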
These are just three of the many available FDE products, free and commercial. Many others match just about any budget and situation. With a little thought and some budget, you can further protect your most important data and take the sting out of any server breach. If you take care to use one of these tools to design and implement a robust encryption strategy, you and your users will be able to sleep a little easier at night.