What are some common mistakes and oversights when implementing storage encryption?
Also, in most networks that I'm seeing, people don't have a clue as to what information they actually have. They also don't have a clue where it's stored or what security risks it's up against. So, if they don't know this stuff, they can't reasonably know what needs to be protected. I think the assumption is that everything that is sensitive is on servers or protected storage so there's not that much to worry about. This is wrong. I'm seeing vulnerabilities in these areas all the time. In any given network today, there are megabytes, if not gigabytes, of files scattered all across different hard drives and storage systems within the network. I think sensitive information is everywhere across the network, it's unprotected, and it's waiting to be compromised. And, a lot of people are oblivious to it in many cases.
Check out the entire Storage Encryption FAQ guide.
04 Oct 2007