Monday, February 5, 2007

Disk encryption in Fedora

These days, data is mobile. Every day, sensitive corporate data leaves a company’s headquarters on a flash drive or an employee’s laptop. Regardless of where it is going, mobile data can be an I.T. department’s worst nightmare.

In fact, the 2006 “CSI/FBI Computer Crime and Security Survey,” a joint effort by the San Francisco office of the FBI and the Computer Security Institute, named laptop theft as the third-largest source of financial loss in the computer security domain. This survey reports the results of 426 companies. While most security threats documented by the study decreased, losses from laptop theft have increased since 2005. “Data protection (e.g., data classification, identification and encryption) and application software (e.g., Web application VoIP vulnerability security)” were cited as the “most critical computer security issues in next two years” by 73 respondents.

One of the most important computer security issues today is laptop theft. The data on a stolen laptop may be far more valuable than the device itself. For example, a stolen UC Berkeley laptop contained sensitive data about nearly 100,000 alumni. A stolen Department of Veteran’s Affairs latop yielded information from up to 26.5 million veterans. There are many examples of high-profile laptop theft, and these incidents are often very costly for companies. The cost, however, isn’t related to the hardware replacement, but to the loss of confidential information and customer security.

What if the owner could state that the data has not been compromised? What if the only loss resulting from a stolen laptop was purely material? This would certainly alleviate some of the risks behind mobile data. Disk encryption is one way to help solve this problem. Since the Fedora™ Project was announced in 2003, many disk encryption technologies have been added to the Fedora platform.

Read More