DRJ Fall 2019

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 32, Issue 2

Full Contents Now Available!

Monday, 08 April 2019 16:05

How Enterprises Can Use Encryption to Protect Linux Servers and Support Compliance Efforts

WinMagic’s Garry McCracken discusses the encryption capabilities that are built into Linux, the gaps in protection/compliance risks, and what companies can do to address them.

When it comes to server protection, many enterprises overlook physical security risks. The common myth is that because the servers are in a data center or otherwise behind lock and key, and because the data is in perpetual use, encrypting the drives is unnecessary, as the data is never at rest. 

That’s particularly troublesome. All drives eventually leave the data center for repair or disposal, and having them encrypted is the best way to protect the data from unintentional exposure. And with the enormous number of breaches in the news and compliance regulations – GDPR, HIPAA and California’s Consumer Privacy Act and the like – the prudent advice is to encrypt everything, everywhere, all the time. 

Linux has built in encryption for several years now. So why, then, are enterprises still struggling with their encryption efforts?

To answer this question, let’s review the disk encryption capabilities that are built into Linux: