First off, what business problems does storage encryption fix?
Simply, storage encryption keeps data out of the hands of people that shouldn't have access to it.
But, in terms of specific business problems are pretty limited. Storage encryption isn't going to conduct risk assessment. It's not going to educate your users on what not to do with sensitive information. It's not going to prevent people with legitimate access from doing bad things. It's certainly not going to serve to validate that its own controls are working. And, if it's implemented poorly, all that time, money and effort can be negated.
Storage encryption isn't the secret to security, but it can be a very important component because it keeps unauthorized people out. That is, I have to reiterate, if it's done correctly.
Check out the entire Storage Encryption FAQ guide.
04 Oct 2007