Tuesday, 31 March 2009

The best place to encrypt data

The best source of information about data breaches is probably the database maintained by the Open Security Foundation. This information shows that there are three sources of data breaches that are much more common than all the others. Based on the fraction of breaches that are due to each source, here are the big three:

| Source | Fraction of breaches |
|---|---|
| Stolen laptop | 21% |
| Hack | 17% |
| Web | 14% |

Based on this information you might think that encrypting your laptops is the most important thing to do. On the other hand, looking at the number of records compromised gives a much different picture.

Here's how the big three compare based on that metric:

| Source | Fraction of records lost |
|---|---|
| Stolen laptop | 3% |
| Hack | 45% |
| Web | 1% |

That looks much different, doesn't it?

From that point of view, laptops aren't your biggest concern. Instead, getting hacked is. If you encrypt your laptops, you'll be protecting against a loss of less than 3 percent of all the records that data breaches compromise. Protecting your data so that it's not useful to a hacker is probably a better use of your limited security budget, and you can do that by encrypting the data in a persistent way so that the encryption stays with the data. That may not protect against the biggest number of data breaches, but it looks like it will protect against the worst losses.

Comments

Luther Martin

That probably depends on exactly how you plan to use this product. It's almost never the actual encryption that you need to worry about with encryption products.

If it's just you, then you might want to think about how to recover your data if you forget your password or if there's a fatal interaction between the encryption software and some other application. It seems like every disk encryption vendor's sales pitch now includes a horror story about how a competitor's product managed to turn lots of expensive laptops into useless chunks of silicon and plastic, so this seems to happen often enough to worry about it.

If you're thinking about using this product enterprise-wide in a large business, then you might want to worry about the cost of supporting and maintaining it.

Tooth

I'm using this Discryptor (discryptor.net). Do you think it is ok for this?
