This is a false sense of security. Data encrypted at rest
simply means that if someone gets their grubby mitts on a device
they cannot read it without first acquiring the key. Something
that is good for personal devices but not necessarily so good
for corporate servers. Most corporate servers have some level
of physical security making it a very low odds item to have hard
drives or SSD take a wander.
What sends chills down my spine is people believing that SEDs or
encryption of data at rest somehow protects the data from
individuals who have no business accessing the data. In other
words, the data can be easily read, downloaded, etc. by anyone
who can log on to the system. Which means in many cases, it can
be downloaded to the oh so insecure laptop and ....... well, I
think you get the picture.
This mailing list archive is Copyright 1997-2015 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact