Encryption Businesses Privacy Security Stats Hardware

Calculating the Cost of Full Disk Encryption 242

CowboyRobot writes "Is full disk encryption (FDE) worth it? A recent study conducted by the Ponemon Institute shows that the expected benefits of FDE exceed cost by a factor ranging from 4 to 20, based on a reduction in the probability that data will be compromised as the result of the loss or theft of a digital device. 'After doing all of the math, Ponemon found that the cost of FDE on laptop and desktop computers in the U.S. per year was $235, while the cost savings from reduced data breach exposure was $4,650.'"
  • translation (Score:5, Informative)

    by Hazel Bergeron ( 2015538 ) on Monday September 03, 2012 @05:23AM (#41211655) Journal

    'After doing all of the math,

    "After applying some simplistic formula"

    Ponemon

    "the guy promoting his firm with this /. article"

    found that the cost of FDE

    "without specifying any important parameters such as number of computers or environment in which they are used"

    on laptop and desktop computers

    "but noting that some were laptop and some were desktop because that makes the result sound a little more convincing"

    in the U.S. per year

    Encryption is a lot more expensive in Scotland. They can always look up yer kilt and ken yer keys!

    was $235,

    If this were a porn moneyshot, TFA author would now be panning away from the dick and squirting liquid soap everywhere, seemingly drenching the victim.

    while the cost savings from reduced data breach exposure was $4,650.

    Or $100,000, or life imprisonment, depending on your particular situation. Statistics: on average, not very useful.

  • by Anonymous Coward on Monday September 03, 2012 @05:27AM (#41211679)

    Quote: "The study measured costs in 11 segments: licensing, maintenance, incremental costs, device pre-provisioning, device staging, tech time spent on password resets, end-user downtime spent during password resets, cost associated with re-imaging hard drives, end-user downtime associated with initial disk encryption, end-user time spent operating an FDE-enabled computer, and the value of tech time incurred for various administrative tasks related to encrypted drives. [...] The study found that the most expensive element of FDE is [...] the value of user time it takes to start up, shut down and hibernate computing systems while using FDE."

  • by DJRikki ( 646184 ) on Monday September 03, 2012 @05:56AM (#41211773)
    It won't really; GRC.com did a test a good few years ago and showed not much difference, and newer chips have AES-256 instructions built in, so it's a no-brainer.
  • Re:Truecrypt TCO (Score:4, Informative)

    by bertok ( 226922 ) on Monday September 03, 2012 @07:10AM (#41211963)

    The main difference between Truecrypt and Bitlocker is that the latter allows transparent decryption, which is very hard to solve without special hardware (TPM). Additionally, Bitlocker has automatic key escrow to Active Directory, but Truecrypt can only do the same kind of thing manually, which is useless when managing large numbers of computers.

    If you can trust your users to remember passwords, Truecrypt is much more secure. Similarly, Bitlocker can be made more secure as well if you set it up to require a passphrase during boot, without which it keeps the unencrypted key on the machine. The TPM chip is supposedly tamper-proof, but I bet there's at least one three-letter agency with a back door!
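
The difference the comment above draws between transparent (TPM-only) unlock and requiring a secret at boot can be checked per volume from the key protectors BitLocker reports. This is an added example, not part of the original thread: the function name `Get-BootUnlockPosture` and the sample volumes are constructed, and the input is assumed to have the `MountPoint` / `KeyProtector.KeyProtectorType` shape returned by `Get-BitLockerVolume`.

```powershell
# Added example: classify BitLocker volumes by how the volume key is released at boot.
# Input objects mirror the shape of Get-BitLockerVolume output; sample data is constructed.
function Get-BootUnlockPosture {
    param([object[]]$Volume)

    # Protector types that require a PIN, USB startup key or password before the OS starts.
    $preBootTypes = 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey', 'Password'

    foreach ($v in $Volume) {
        # foreach over a null or empty KeyProtector list yields no items.
        $types   = @(foreach ($kp in $v.KeyProtector) { [string]$kp.KeyProtectorType })
        $preBoot = @($types | Where-Object { $_ -in $preBootTypes })

        if ($types.Count -eq 0) {
            $posture = 'No key protectors'
        } elseif ($preBoot.Count -gt 0) {
            $posture = 'Pre-boot secret required'
        } elseif ($types -contains 'Tpm') {
            $posture = 'Transparent (TPM only)'
        } else {
            $posture = 'Other'
        }

        [pscustomobject]@{
            MountPoint          = $v.MountPoint
            Posture             = $posture
            Protectors          = $types -join ','
            # A RecoveryPassword protector is the item that key escrow stores centrally.
            HasRecoveryPassword = $types -contains 'RecoveryPassword'
        }
    }
}

# Constructed sample volumes (not taken from a real machine).
$sample = @(
    [pscustomobject]@{ MountPoint = 'C:'; KeyProtector = @(
        [pscustomobject]@{ KeyProtectorType = 'Tpm' },
        [pscustomobject]@{ KeyProtectorType = 'RecoveryPassword' }) },
    [pscustomobject]@{ MountPoint = 'D:'; KeyProtector = @(
        [pscustomobject]@{ KeyProtectorType = 'TpmPin' },
        [pscustomobject]@{ KeyProtectorType = 'RecoveryPassword' }) },
    [pscustomobject]@{ MountPoint = 'E:'; KeyProtector = @() }
)

# On a managed machine, from an elevated prompt:
#   Get-BootUnlockPosture -Volume (Get-BitLockerVolume)
Get-BootUnlockPosture -Volume $sample | Format-Table -AutoSize
```
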

  • Re:No kidding (Score:4, Informative)

    by RaceProUK ( 1137575 ) on Monday September 03, 2012 @07:27AM (#41212027)
    *points to joke*
  • Re:Truecrypt FTW (Score:4, Informative)

    by Tastecicles ( 1153671 ) on Monday September 03, 2012 @07:58AM (#41212135)

    No one is bound to answer any question if the answer thereto would, in the opinion of the judge, have a tendency to expose (him) to any criminal charge, penalty or forfeiture which the judge regards as reasonably likely to be preferred.
      - Established precedent over 1100 years of Common Law, from the Code of Alfred 870 to the Fifth Amendment of the US Constitution.

    In Saunders v UK (ECHR), according to which "the right not to incriminate oneself does not extend to the use in criminal proceedings of material which may be obtained from the accused through compulsory powers but which have an existence independent of the will of the suspect, such as, inter alia, documents acquired pursuant to a warrant, breath, blood and urine samples and bodily tissue for the purpose of DNA testing".
    This would only extend to a passphrase which exists outside the mind of the defendant. It would be on the prosecutor to prove that such a document exists to obtain an order against which refusal would result in a finding of contempt. Therefore, no court can force disclosure of a passphrase which exists only in the grey matter of one individual.
      - Also established precedent (NG08C10148, in camera and compartmentalised).

    For those who are about to fire the thought-ending cliché, "What, do you have something to hide?" Why, yes I do. The nature of that material is nobody's business but mine, and if you think it's of an illegal nature, it's on you to prove it beyond supposition and paranoid delusion - "beyond reasonable doubt" as is required in a criminal process. But do NOT expect me to help you or feed your fantasy.
