Forgot your password?
typodupeerror
Encryption Businesses Privacy Security Stats Hardware

Calculating the Cost of Full Disk Encryption 242

Posted by samzenpus
from the cheap-at-half-the-price dept.
CowboyRobot writes "Is full disk encryption (FDE) worth it? A recent study conducted by the Ponemon Institute shows that the expected benefits of FDE exceed cost by a factor ranging from 4 to 20, based on a reduction in the probability that data will be compromised as the result of the loss or theft of a digital device. 'After doing all of the math, Ponemon found that the cost of FDE on laptop and desktop computers in the U.S. per year was $235, while the cost savings from reduced data breach exposure was $4,650.'"
This discussion has been archived. No new comments can be posted.

Calculating the Cost of Full Disk Encryption

Comments Filter:
  • by flyingfsck (986395) on Monday September 03, 2012 @04:13AM (#41211613)
    I am expensive, but not that expensive. I don't charge a customer $235 to click a full disk encryption check box while installing Fedora Linux. Maybe I should...
    • by Joce640k (829181) on Monday September 03, 2012 @04:20AM (#41211637) Homepage

      The TCO of is more than the cost of installing it.

      • Re: (Score:2, Interesting)

        by Anonymous Coward

        Security is not something you mess with.

        Personally, my data is worth a lot, to me, not to anyone else, I can't put a price on it. Simply because the data on it is personal, irreplaceable, I'd rather have it destroyed than having some one else see it (no, not porn).

        A company can. You have 10 million records, they get stolen, class action suit gets you to pay damages 10k for each ...

        To be honest this whole computer security isn't even about technology or security expertise or anything like that, it's about mo

        • by Dodgy G33za (1669772) on Monday September 03, 2012 @06:26AM (#41212021)

          Surely if it means a lot to you but not to anyone else then encryption is not as important (if at all) as backing up?

          I have lost personal data. I also have a few old and fairly important files kicking around that I password protected many moons ago and forgot the password.

          I have chosen not to encrypt, but I have a very solid backup routine.

          But then I can't imagine having data that is so personal (and yet irreplaceable) that I would rather lose it than have some random look at it.

          • I'm not sure that's what he was saying. Because he says he'd prefer it to be destroyed than others have it.

            I'm in the same boat. My data is not really all the useful to others. But I'd still prefer for it to be destroyed than others have it. Just because I keep bank accounts, passwords, etc on my machine. How much can you sell one poor college kids stuff for? Probably not much. But having that level of security, that I KNOW no one else can get into my stuff, is incredibly satisfying.

            If I get my c

          • by Alan Shutko (5101) on Monday September 03, 2012 @08:18AM (#41212515) Homepage

            I've gone paperless, so I have tax returns, medical info, SSNs, etc on my laptop. Full Disk Encryption means I don't have to worry about it.

            With FDE, you have to decrypt it every time you use the computer, so you're not going to forget the password. If you're worried about that, put the password on a piece of paper in a safe deposit box or some other type of storage at home.

            • by arth1 (260657)

              I've gone paperless, so I have tax returns, medical info, SSNs, etc on my laptop. Full Disk Encryption means I don't have to worry about it.

              No, that's not what it means. Your data is only safe in that situation if you can guarantee that the encryption key is safe. If, as in most implementations, it is stored on the disk itself, only protected with a password, you're no safer than that password, no matter how strong the actual encryption is.
              Did you type it in while at the hotel, trusting them not to have a camera?

              With FDE, you have to decrypt it every time you use the computer, so you're not going to forget the password.

              Well, that's reassuring [xkcd.com].

            • The data you're talking about is not private. SSN, seriously? What stinks about something like the SSN is that you are told you have to both keep it secret, keep it away from identity thieves, and you are frequently required to give it out in plaintext for all the things the identity thieves also want to use it for. How many times now have we heard of some company database breach that leaked thousands of customers' credit card numbers and other "sensitive" info? What really is the point of signing your

      • by hairyfish (1653411) on Monday September 03, 2012 @04:55AM (#41211771)
        I've been working in IT depts for roughly 20 years and can't remember ever having issues related to "data breach from lack of encryption". Not saying it doesn't happen, but I reckon for most people (outside of finance/defence/govt etc) it's overkill. It raises a question, how much security is too much? Do you have a lock on your front door? 3 locks? 45 locks? If you had 100 locks on your door and only locked 99 of them, would this be considered vulnerable? This is how I think of the security industry. One lock is fine. If that doesn't work, then no amount of extra locks will help. The bad guys will simply break a window.
        • by Anonymous Coward on Monday September 03, 2012 @05:21AM (#41211839)

          That's kind of a flawed way to look at things imo (no offence intented).

          Having 99 locks on the frontdoor is indeed pointless, but that's because all those locks perform the same function. Using (for example) a virusscanner, a firewall and full disk encryption is more akin to having both a lock on the frontdoor but also a fire extinquisher in the hallway. It's a very sane and generally smart thing to have.

          On a sidenote, having 2 (different) locks on a door may very well be a smart thing, because a Type A lock has different flaws than a type B lock. Having 2 different kinds means you potentially eliminate a variety of easy exploits that target a specific type of lock. I don't know where the "line" is but i find it hard to imagine more than 2 or 3 locks being a sane scenario for "regular" entrances.

          Now it's obviously true that every security measure brings with it a "penalty" if you will, to legit users. For most locks this means the user has to carry a key on him, something most people in the west consider normal and not a high price to pay. Having to remember a PIN code to use your debit card is also a penalty on legit accountholders, but we accept it. Now wether or not full disk encryption is as pricey as the article seems to make out, i dunno, but lets look at the alternatives.

          A) Unencrypted drives
          B) Certain Encrypted drives/containers/shares/whatever
          C) Full Disk encryption

          In this day and age (dare i say it, the Information Age) there is a definite demand for encrypting sensitive and important data for almost everyone but the most untrained pc user. This makes option A a bad choice for almost everyone which means the decision is not just about "should we use FDE or not", it becomes "do we encrypt EVERYTHING or just cetain objects" and in order to make that determination you need to look at the price for both.

          Let's not forget, simply enabling FDE is a minor act for the sysadmin whose installating the system, and since FDE is transparent to userspace applications, there is very little additional configuration or problems that arrise due to it. It will impact performance of the hardware, however one can take this into account during the purchase of new machine(s) and simply take a slightly faster system to make up for it (if that's even needed, usually it ain't). Only encrypting certain partitions, shares or folders means you have to deal with many additional administrative and training issues. How do you prevent ppl from moving sensitive files from the secure X:\ drive to the C:\ drive, how do you teach the (presumably non-IT) users where they can store which files. Which policies have to be enforced to ensure it all stays on the level. How often (if at all) do you audit the systems for "leaked" senstive files, etc.

          I'm not a sysadmin myself, but i do work in IT and have a fair understanding on their job, and to me at a quick glance it appears FDE is a LOT cheaper and easier for everyone involved than encrypting only sensitive files.

          • by dbIII (701233) on Monday September 03, 2012 @06:38AM (#41212071)
            The other side of the coin is managing it properly. For example I've had to restore from an unencrypted backup purely because somebody who was managing their own disk encryption had forgotten how to access their files and needed whatever earlier copies were available as a matter of urgency. If it's not done properly with people at multiple sites having details of how to access the files it's not worth doing at all. An encrypted volume should not be a room full of people that have eaten the salmon mousse away from being permanently inaccessible.
            • The other side of the coin is managing it properly. For example I've had to restore from an unencrypted backup purely because somebody who was managing their own disk encryption had forgotten how to access their files and needed whatever earlier copies were available as a matter of urgency.

              Apple found that the most common problem is this sequence: User turns on encryption, user is asked to create a password, drive is encrypted, user never wrote down or remembered the password. There is a simple user interface change avoiding this problem.

        • by smash (1351) on Monday September 03, 2012 @05:38AM (#41211891) Homepage Journal

          OK. MD leaves his laptop at airport/side of road/in car that is stolen. He has competitive-advantage generating information on there, that would be worth millions of dollars in contracts to a competitor.

          We've had staff have laptops stolen, with data like that on them in the past. Do we know that the data was let into the wrong hands? Nope. But it could have been.

          • If the information is that sensitive then what is it doing on a portable device in the first place...?

            This is like car security, what you have is a tin box on wheels, this can be stolen (Towed/transported) and worked on at leisure, all security can be broken given enough time and resources, it is usually only a case of does the thief consider it worth the time and effort ...

             

            • Perhaps he's doing scientific research in the field, or he's got multiple labs. Perhaps the company knows somebody is leaking data from it's network to it's competitor, therefore putting it on multiple desktops that are connected to the company network 24/7 would be bad security. Perhaps the employee is a dick who'll make everyone's life miserable if he can't do his job from his laptop.

              And of course, this story is about the military. They can't lock all their sensitive info into a date warehouse in DC. They

            • by smash (1351)
              You do live in the real world, and deal with real world CEOs right?
            • by Just Some Guy (3352) <kirk+slashdot@strauser.com> on Monday September 03, 2012 @11:18AM (#41213859) Homepage Journal

              If the information is that sensitive then what is it doing on a portable device in the first place...?

              I don't have information that sensitive by a long shot. But I'm currently a contractor who provides my own laptop and I do have some of my employer's sensitive information - pricing plans, campaign strategies, etc. - on my personal computer because that's what I use to do the work for them. I have OS X's full drive encryption enabled and a two-day-old encrypted Time Machine backup at my house. If my laptop gets stolen on the BART, bummer. I have to go fill out a police report, file an insurance claim, and do other inconvenient stuff. And when I bring my new laptop home, I restore it from the backup and I'm up and running again a couple of hours later. The thief has my hardware but not a single byte of my personal or employer's information.

              That's a nice situation to be in. If I did lose my laptop, I can tell my supervisor "sorry for the inconvenience while I get a replacement. Don't worry, though; your stuff is locked up and the thief can't get to it." That is infinitely preferable to the alternative of "umm, we might have a problem."

        • Remember the people doing the actual analysis here were the military. They have much different security needs then you do.

          • Damnit I didn't read the article properly. It said Ponemon, and I thought Pentagon.

          • by arth1 (260657)

            I thought that the Manning incident showed that the real problem isn't the security, but that people have access to data.
            People can never be trusted. There's no way to divide the world into the trustworthy and the untrustworthy. Reactionary witch hunts isn't going to stop humans from doing unpredictable things - with bad intent, or good intent.

            This isn't the 1940s where nations intercept radio transmissions, decrypt them, and at their leisure can bomb your submarines as a result. This is 70 years later

        • by Cederic (9623)

          I reckon for most people (outside of finance/defence/govt etc) it's overkill

          For most people it possibly is. In Financial Services it's an excellent way to prevent the regulator fining you (for far more than the cost of installing/managing it) due to data loss.

          You also need to factor in the reputational cost of losing sensitive customer data, whatever industry you're in.

          Seriously sensitive data is rare within an organisation, but large volumes of any data tends to have significant value - otherwise people wouldn't pay the costs of collating and maintaining it.

      • No kidding (Score:5, Insightful)

        by Sycraft-fu (314770) on Monday September 03, 2012 @05:18AM (#41211827)

        In a corporate environment, you have to have some kind of key management system. You can't do FDE with a free utility that is just "Enter the password to get in to the computer." Well why not? Tow big reasons:

        1) What if the person suddenly up and dies, and you need to get at the data? A backup won't help if said backup is also encrypted with the same password that only they knew. You need to have a system to get in.

        2) More commonly, what do you do when a user forgets their password? This happens ALL the fucking time. People cannot remember passwords, just how it is. Just losing data is not an acceptable answer, so you have to have a system that can get in.

        Now there are systems out there like that. They have central key stores, key recovery facilities and so on all while maintaining cryptographic security. However all the ones I've seen cost money. Then on top of that is the cost of administering such a system.

        As an example at work a lady forgot her password, as she is known to do on days ending in "y". So she couldn't get in the encrypted laptop that has key codes for the doors (she deals with that). She also hadn't put the laptop on the 'net in like a year, so it was all desync'd with the Active Directory. This meant my boss couldn't log in to do any kind of override. So he had to hook it up, go through this key recovery thing where the console give you a bigass key to enter in to the system, then get it to sync passwords, then he could log in and get everything working. Took a fair bit of time to do.

        You have to count all that kind of thing in cost calculations. You can't pretend like it isn't a cost. Yes you already pay his salary but he has about 5,000 other thing to be doing that weren't being done while he worked on that. Needless to say if this were being used for more than a couple systems (we only use it in special cases) it would quickly need one or more people who's job was to administer it and deal with all the problems caused by it (meaning by users).

        • Re:No kidding (Score:5, Insightful)

          by bertok (226922) on Monday September 03, 2012 @06:01AM (#41211937)

          Now there are systems out there like that. They have central key stores, key recovery facilities and so on all while maintaining cryptographic security. However all the ones I've seen cost money. Then on top of that is the cost of administering such a system.

          Security only costs extra if you had nothing to begin with, which basically never happens. Any corporation with data worth stealing is likely to have Active Directory, which has a convenient key escrow functionality built right in.

          If you've already purchased Windows Server and have standardized on Windows 7, then full disk encryption with all the goodies is just a few button clicks away, and costs nothing but the 60 minutes it takes to read through the relevant technet articles and then setting a few settings in group policy.

          She also hadn't put the laptop on the 'net in like a year, so it was all desync'd with the Active Directory.

          That's not her fault, that's the IT department's fault. That laptop can't possibly have been properly patched, its data synchronized, or up-to-date security policies applied. That should have rung alarm bells in the system, or locked her out until she did synchronize successfully.

          Which can be done wirelessly these days. From home. Using transparent VPNs that require zero user interaction. All of which can be monitored centrally.

          So he had to hook it up, go through this key recovery thing where the console give you a bigass key to enter in to the system, then get it to sync passwords, then he could log in and get everything working.

          Wait, wait, wait.. let me get this straight: she failed to authenticate properly with the system for something like a year, which then correctly locked her out after the timeout expired, protected the data on her laptop, allowed you to recover the data as designed, and all of this required just a few minutes of typing? And to top that off, the security system insisted that her hopelessly out-of-date credentials cache be updated to verify her account?

          OH MY GOD THE HORROR! The hassle! Why doesn't the crypto system just fall dead and recognize how important this lady is and unlock all of her data, despite her ongoing blatant violation of IT security policy! The nerve of Microsoft for designing such a thing! Next thing you know, they'll insist that you use passwords to log on to computers! Can you imagine?! We just won't be able to get any work done around here any more!

          Clearly this is all just a giant conspiracy to drain valuable IT resources.

          You have to count all that kind of thing in cost calculations.

          Additional electricity due to use of AD Policy Driven Bitlocker encryption: $57.35
          One hour support call to fix non-compliant user's locked out system: $197.50
          Incompetent IT team: $457,350.00
          Potential lawsuit due to leaking user data: Priceless.

          Yes, you do have to factor that kind of thing in, you're right.

          • by Cytotoxic (245301)

            Well, that was certainly a snarky reply for someone who doesn't understand the point Sycraft-fu was trying to make. He was talking about the TCO calculations and why "you can get full disk encryption for free with Fedora" isn't really applicable in a corporate environment. Not complaining that "it's really hard and a complete drain on IT resources".

            The article includes these costs in their TCO calculations, and indicates that the largest expense is in lost user time due to slower boot times, sleep times an

            • by bertok (226922)

              You also missed my point, which was that the FDE (in combination with everything else involved) was doing exactly what it was intended for.

              The cost overheads are negligible, and the article massively overstates them.

              FDE, like passwords, are only a problem in environments with poor IT practices.

              For example, I hear people go on about how "password management" is an "expensive headache" all the time. However, I only hear that in environments where the IT department failed to consolidate to a single directory s

          • by tgeek (941867)
            Don't forget to add in the cost of redeploying Win 7 Enterprise to all those laptops your predecessor let get into users hands with Win 7 Pro preloaded by the manufacturer.
            • by tgeek (941867)
              That's assuming your PHB is like my PHB and refuses to consider any alternative to an available MS product . . . Bitlocker in this case.
      • by Shoten (260439)

        The TCO of is more than the cost of installing it.

        Joce640k is spot-on, and I'll elaborate. Do you really think that most users are capable of being just fine on a Fedora-based laptop? That users will never forget the credentials to decrypt their hard drives? Or that things won't go wrong...like a bad sector, for example? Support and recovery are the most expensive parts of disk encryption, by far. Additionally, in most situations where encryption is in use, there are regulatory mandates like FIPS or PCI DSS in place, and thus there's a need to provide

    • by Pieroxy (222434)

      Your customer CPU will heat more, and your customer will spend more time in front of his computer waiting for the disk to be accessed. It might be a few ms at a time, but cumulated over a year, imagine !

      Anyways, putting a price on something like this is always highly suspect.

      How do they get the $4,650 gain anyways?

      • Re: (Score:2, Informative)

        by DJRikki (646184)
        It wont really, GRC.com did a test a good few years ago and showed not much difference and newer chips have AES-256 instructions built in so its a no brainer.
        • It wont really, GRC.com did a test a good few years ago and showed not much difference and newer chips have AES-256 instructions built in so its a no brainer.

          I don't know if quoting Steve Gibson is the best way to make a point on Slashdot.

      • Considering CPUs these days are pretty much at idle, except for gaming and other niches that actually require that much power, it makes no difference whatsoever. Disk access times are also the same, and if they really are a problem, SSDs are the solution.

    • by gl4ss (559668)

      I would think the costs come from electricity and possibly from losing access to your data.

    • by Anonymous Coward on Monday September 03, 2012 @04:27AM (#41211679)

      Quote: "The study measured costs in 11 segments: licensing, maintenance, incremental costs, device pre-provisioning, device staging, tech time spent on password resets, end-user downtime spent during password resets, cost associated with re-imaging hard drives, end-user downtime associated with initial disk encryption, end-user time spent operating an FDE-enabled computer, and the value of tech time incurred for various administrative tasks related to encrypted drives. [...] The study found that the most expensive element of FDE is [...] the value of user time it takes to start up, shut down and hibernate computing systems while using FDE."

    • You forgot the cost of data recovery after they forget their password.
    • I have just calculated that these numbers are crap. They don't make sense, and they come from nowhere. My dm-crypt device costs me nothing...

      - licensing: zero, it's open source
      - maintenance: maybe 5 more minutes at setup time?
      - device pre-provisioning: WTF?
      - device staging: same
      - tech time spent on password resets: zero. This is real encryption, there's no such thing available as "password reset", there's only a passphrase which cannot be recovered. If it can, then this means you have zero security
      -
      • Re:Silly numbers (Score:4, Interesting)

        by gnasher719 (869701) on Monday September 03, 2012 @09:49AM (#41213057)

        - tech time spent on password resets: zero. This is real encryption, there's no such thing available as "password reset", there's only a passphrase which cannot be recovered. If it can, then this means you have zero security

        Nonsense. For example, Apple uses three keys: 1. The actual encryption key for the disk. It is never accessible to the user, it is stored in encrypted form on the disk, and by overwriting that portion of the disk, you can wipe a disk within milliseconds. 2. The master key. This key is used to decrypt the real key. It's a long hex number; you can write it down _and put the paper in your safe_. You'll never need it unless you need to do a password reset. 3. The user's password. The user has a password which is used to recover the master key. Multiple users can have different passwords. The password can be changed at any time without having to re-encrypt the data, because it is only used to decrypt the master password.

        So you can do password resets, but only if you have the master key. Which is used _only_ for that purpose.

  • Truecrypt TCO (Score:3, Interesting)

    by nereid666 (533498) * <spam@damia.net> on Monday September 03, 2012 @04:16AM (#41211621) Homepage
    Does it cost Truecrypt TCO $403 year? for a company with fewer of 50 employees? I know Trucrypt don't have, enterprise functionality, like admin and user password, integration with identity management, but I thik 403$ year only in support and maintenance, using this opensource and free solution. And It is very difficult to meause the value of the information of a laptop.
    • Re:Truecrypt TCO (Score:4, Insightful)

      by neokushan (932374) on Monday September 03, 2012 @04:24AM (#41211663)

      Truecrypt is fantastic software. I find it's a lot easier to use and understand than Microsoft's Bitlocker (What's that about a TPM module? Do I need a USB stick or not? So many questions!) and it just works.

      • Re:Truecrypt TCO (Score:4, Informative)

        by bertok (226922) on Monday September 03, 2012 @06:10AM (#41211963)

        The main difference between Truecrypt and Bitlocker is that the latter allows transparent decryption, which is very hard to solve without special hardware (TPM). Additionally, Bitlocker has automatic key escrow to Active Directory, but Truecrypt can only do the same kind of thing manually, which is useless when managing large numbers of computers.

        If you can trust your users to remember passwords, Truecrypt is much more secure. Similarly, Bitlocker can be made more secure as well if you set it up to require a passphrase during boot, without which it keeps the unencrypted key on the machine. The TPM chip is supposedly tamper-proof, but I bet there's at least one three-letter agency with a back door!

  • Did he factor in the costs of the reduced IO performance?

    • Re:Real Costs (Score:5, Interesting)

      by pthisis (27352) on Monday September 03, 2012 @04:30AM (#41211691) Homepage Journal

      At least partially:

      "The study found that the most expensive element of FDE is not the hardware or software involved, but the value of user time it takes to start up, shut down and hibernate computing systems while using FDE. "

      But this study doesn't pass the smell test. Take this, for instance: "The cost savings from reduced data breach exposure was $4,650." Imagine that FDE takes the risk of data breach on a stolen disk from 100% down to 0%. And imagine that any given computer has a 1% chance each year of being stolen by someone who's going to exploit the data on it (rather than just reformat it and sell or use it). Both of those are very generous estimates.

      The average value of a lost computer to my company--either in terms of profits lost or competitor's profits gained--would have to be $465,000 for the math to work. Which as a median doesn't make sense.

      If it's a mean, it only makes sense because there are a handful of computers whose value is tens or hundreds of millions of dollars counterbalancing the vast array of other computers worth far less--but if that's the case, the right solution probably isn't to lump all machines together for analysis purposes, it's to segregate out the high-value targets and treat their security differently from the low-value targets.

      • Re:Real Costs (Score:5, Interesting)

        by neyla (2455118) on Monday September 03, 2012 @05:06AM (#41211793)

        Agreed on the smell-test. No matter how good a security-measure is, it cannot save more money than is lost without it. (i.e. the best possible security is 100%)

        Thus for FDE to save $4650/computer/year, the current cost of data-loss that would be avoided with FDE must be atleast the same amount.

        There's about 100 million computers sold annually in USA, essentially none of which have FDE. The average computer is used for atleast 3 years. The total *current* cost of data-losses must thus be atleast: 100M * $4650 *3 = $1395 billion/year.

        That doesn't pass the smell-test. It would mean the losses add up to $12500 a year for each household, which is utterly ridicolous.

        • by smash (1351)
          No, those are POTENTIAL losses. And in a $13tn economy, potential loss of 1.3tn if every computer in the economy was compromised and data was leaked doesn't sound unreasonable?
          • Well, you have to also include the gain to the competitors.

          • Re:Real Costs (Score:4, Insightful)

            by pthisis (27352) on Monday September 03, 2012 @06:32AM (#41212051) Homepage Journal

            According to the article, they're the average actual losses, not potential. If the potential losses were $4650 and the actual annual cost of FDE was $235, then you'd need to believe that every computer has a 5% chance of being stolen and exploited every year in order for FDE to be worth it; the article would have to conclude that FDE isn't worth it for the average machine in that case.

            By ginning up a ludicrously overstated actual loss, though, they're able to make FDE look like a total bargain--at least until you start thinking about it enough to realize the numbers are cooked.

      • by tomhath (637240)

        1% chance each year of being stolen by someone who's going to exploit the data on it (rather than just reformat it and sell or use it)

        A 1% chance of a lost or stolen laptop might not be out of line. This study was about protecting corporate data, not Aunt Minnie's recipe collection. You need to assume the data will be exploited if it can be.That means investigating what was on the drive, changing passwords, possibly informing various government agencies, etc. The cost of lost financial or medical data adds up very quickly even if the machine was wiped and sold on eBay.

        A company I worked for about 10 years ago did a full audit of all PCs;

    • by felipekk (1007591)

      Another important question is "Who pays for each of those figures?".

      The user obviously "pays" for the $235 dollars in TCO, but if the government/industry is the one paying for the $4650 then we have a disconnection between the interested parties, which could make it harder to convince the consumers to adopt this technology.

    • by MtViewGuy (197597)

      That would be true in the past, but today with most hard drives running Serial ATA-II interfaces, the performance hit is not as bad as it used to be. And with SSD drives, the performance penalty is negligible.

  • by yourtallness (1183449) on Monday September 03, 2012 @04:22AM (#41211647)

    A recent study conducted by the Pokemon Institute... :-P

  • by N1AK (864906) on Monday September 03, 2012 @04:23AM (#41211653) Homepage
    One issue with IT security is that policies and security measures like this are only one small part of the picture. My partner works in a government affiliated company and has to use FDE for all PCs. Because of how they have implemented it they virtually all still use the default key (which wasn't random) and if you change it then you thwart the original intent of having quasi-hotdesks.

    Passwords written on desks, stuck to the screen etc are common in many places. Sending files off-network to places like dropbox or email to get around security 'hassles' is widespread. The owner of my current firm wants to use an iPad, because we won't let it on network he does most email from a web email account!

    FDE with rubbish passwords is entirely pointless as anyone with motivation to get in can. If you start requiring complex passwords the risk of people writing it down and storing it with the PC increases. We need to stop thinking about security as a technical issue and work out how to produce 'secure enough' systems which users don't subvert or misuse.

    If removing security breaches is worth nearly $5k a year then surely using some kind of RFID security card that must be near the PC/Laptop to unlock would be cost effective. I could keep it in my wallet or as a keyring. Even better would be combine it with a RSA style password device for two-factor authentication when providing a password (thus making less complex passwords less of an issue).
    • by Phroggy (441)

      ...Surely using some kind of RFID security card that must be near the PC/Laptop to unlock would be cost effective. I could keep it in my wallet or as a keyring.

      Or affix it to the laptop with a piece of tape, so you wouldn't have to worry about not being able to get your work done in case you forget your wallet or your keys. :-D

  • translation (Score:5, Informative)

    by Hazel Bergeron (2015538) on Monday September 03, 2012 @04:23AM (#41211655) Journal

    'After doing all of the math,

    "After applying some simplistic formula"

    Ponemon

    "the guy promoting his firm with this /. article"

    found that the cost of FDE

    "without specifying any important parameters such as number of computers or environment in which they are used"

    on laptop and desktop computers

    "but noting that some were laptop and some were desktop because that makes the result sound a little more convincing"

    in the U.S. per year

    Encryption is a lot more expensive in Scotland. They can always look up yer kilt and ken yer keys!

    was $235,

    If this were a porn moneyshot, TFA author would now be panning away from the dick and squirting liquid soap everywhere, seemingly drenching the victim.

    while the cost savings from reduced data breach exposure was $4,650.

    Or $100,000, or life imprisonment, depending on your particular situation. Statistics: on average, not very useful.

    • SPOILER ALERT PLEASE

      If this were a porn moneyshot, TFA author would now be panning away from the dick and squirting liquid soap everywhere, seemingly drenching the victim.

      You mean it's not real???

    • by AmiMoJo (196126)

      In other news a car manufacturer calculated that it would be cheaper to pay compensation to people killed by faulty parts than to issue a recall.

      Clearly the cost of a data breech needs to be much, much higher.

  • I'm rich! (Score:4, Insightful)

    by mwvdlee (775178) on Monday September 03, 2012 @04:39AM (#41211711) Homepage

    ...$235, while the cost savings from reduced data breach exposure was $4,650.

    I've got an old laptop lying around that's not doing anything.
    Last thing I did with it was a clean install of a win8 beta.
    You say if I encrypt it's harddisk, it saves me over four thousand US$?

  • It would be interesting to see the median cost savings, vs. average cost savings. For most, I'm guessing that the cost would be rather low - less than the cost of new hardware and setting the system up again if you lose it - but that you have some extreme outliers.

    That said, for OS X [apple.com], Red Hat Enterprise Linux [redhat.com] (and similar for others, I'm sure) and Windows 7 [microsoft.com] it is trivial to enable.

  • by Compaqt (1758360) on Monday September 03, 2012 @04:49AM (#41211743) Homepage

    It would be handy if people could share their experiences with encryption.

    Good, bad, ugly.

    E.g., is it better to encrypt your home directory (as Ubuntu gives you an option for), or the whole disk?

    Has anyone had a problem where you were unable to access your encrypted home directory or drive?

    Does encryption increase the possibility that a small problem on a single sector of a disk will render the whole volume unreadable?

    What about using encryption along with various levels of RAID?

    In some circumstances, I'll connect a harddrive via USB. If you disconnect it, sometimes Ubuntu won't let you access the encrypted volume again until you physically turn on and off the drive (or, sometimes, reboot). Stuff like that makes me fearful.

    • by AmiMoJo (196126)

      It is best to encrypt everything. Otherwise you have to worry about keeping secure data in secure areas. For example if you just encrypt your home directory then the system temporary file locations could end up storing some of your data in plain text as it is processed. The page file/swap partition are good examples.

      There is more risk of your data becoming unreadable, but that is what you keep backups for.

      • If only it were possible to design an operating system that kept all user data in one place but apparently a fundamental law of physics states that this is not the case.

  • What about the cost of data loss because users forget their password?

    • by jsse (254124)

      What about the cost of data loss because users forget their password?

      Don't worry, that's what super-admin password is for! ....did I just say that out loud?

  • it depends (Score:4, Insightful)

    by smash (1351) on Monday September 03, 2012 @05:33AM (#41211881) Homepage Journal
    on a modern cpu with AES hardware acceleration, the cpu cost is minimal. if you have valuable data, you'd be negligent not to enable it.
    • by kholburn (625432)

      http://www.reallydodgy.org/ [reallydodgy.org] -->
      Http/1.1 Service Unavailable

      Yep, really dodgy

    • by wvmarle (1070040)

      My data is really valuable. To me.

      And for that reason, I don't encrypt. I don't want to forget my password and have everything inaccessible.

      For most of the rest of the world, the photos and so that I value so much, don't have much value, if any at all. I'm not even going to put it on ftp to let the world mirror it, because I don't think there are even enough people interested in mirroring those files to make that work.

  • by Anonymous Coward

    In our (European) company FDE was rolled-out because we are obliged to protect customer information.

    No, not because company was scared of the penalties.

    It's kind of funny how US businesses quantify it all.

    • by tomhath (637240)

      we are obliged to protect customer information

      What happens if you don't fulfill that obligation? No penalty if data is compromised?

      • by gl4ss (559668)

        we are obliged to protect customer information

        What happens if you don't fulfill that obligation? No penalty if data is compromised?

        penalties vary from nothing to having the operation closed down. of course if you're a government official loosing a laptop full of social security data then nothing.

        • by wvmarle (1070040)

          Well, of course. As much as many people would love to, shutting down the government is not a practical option.

  • by Anonymous Coward on Monday September 03, 2012 @07:56AM (#41212417)

    As far as I'm concerned, storing any confidential data on a hard disk unencrypted effectively voids the warranty, because there's no way I'm going to send a drive containing sensitive data away for warranty replacement.

  • And I have been in the security field for > 20 years. I think this is just another PR stunt. Any data reported is highly suspect. That is not to say data encryption is not worth it, just better not use this "study" to demonstrate it.

    • by brusk (135896)
      Or perhaps more kindly: even if the data are completely accurate, they're averages that don't necessarily apply to every, or even any, particular case. I can't make a decision about something like this on the basis of what the mean or median cost/benefit would be, but only of what (as best I can estimate them) my own are.
  • I've worked with it off and on for years. Back around 99 when I first started working with it in finance we had about a 1 day hit just to encrypt the drive and a noticeable loss of speed once it was done. We could only encrypt certain computers that were powerful enough and you really had to justify doing it on a case by case basis.

    Fast forward several years and technology has improved to the point where frankly most users couldn't tell if you encrypted their drive or not.

    The overhead to run encryption on a

  • 'After doing all of the math, Ponemon found that the cost of FDE on laptop and desktop computers in the U.S. per year was $235, while the cost savings from reduced data breach exposure was $4,650.'

    The average cost savings from data breach exposure is not $4650 generally. Since the vast majority of companies don't employ FDE, the average losses per year per computer used in business would be approximately $4000. So taking the approximately 100 million computers used in business in the USA (yes, that's a UWAG), that puts the losses to business at about $4 billion per year. I'm not buying it, nor am I buying that the most efficient way to prevent this is FDE. I think it may be valuable in certain in

  • For 98% of the viewing audience having a house with High Power Electrified Fencing and a pack of Tibetan Mastifs/Wolves in the yard surrounding a Stone House with Blast Doors with internal sector doors would be way to much effort BUT for that 2% it might not be enough.

    questions to be asked for FDE

    1 Is it better to LOSE the data than have it compromised?
    2 How secure are your backups?
    3 Are YOU SURE to COURT OF LAW levels your backups are secure and reliable??
    4 Are the keys kept safe??
    5 Can your staff be "DD"

  • Algorithm updates render FDE ForeverDiskEncrypted

Entropy isn't what it used to be.

Working...