With power-on passwords and login passwords available, what's the value of hard drive encryption?
Anyone who's determined to gain access to a drive is going to be able to bypass
BIOS passwords or Windows passwords in just a couple of minutes. There are tools available to actually automate the process in both areas. I've written about it, and there's some pretty extensive resources available about bypassing BIOS passwords and how to crack operating system passwords.
When you register for SearchStorage.com, you’ll also receive targeted emails from my team of award-winning editorial writers. Our goal is to keep you informed on the hottest topics, the latest news and the biggest challenges you face as a storage professional today.
Rich Castagna, Editorial Director
The fact is most people don't use power-on passwords anyway, because it's just too inconvenient. Many of the computers I see don't even have passwords to log on to the local operating system or into the network. And, if they do, all it takes is using a tool, such as the free Ophcrack LiveCD, and literally within a matter of minutes passwords can be cracked or reset and the hacker has full access to the system and the drive. There are even ways to access large storage environments by breaking into management consoles, gaining access to servers using Metasploit, etc.
So, to answer your question, storage encryption is the final layer of protection when all of these other things have failed.
Check out the entire Storage Encryption FAQ guide.
Dig Deeper
-
People who read this also read...
This was first published in October 2007
Storage Management Strategies for the CIO
