WinMagic validates need for perpetual server encryption
WinMagic is encouraging enterprises to adopt server encryption as part of their regular data security strategy – even if those servers are behind lock and key.
When it comes to server protection, many enterprises overlook physical security risks. The common myth surrounding servers is that because the servers are in a data center, or otherwise behind lock and key, and because the data is in perpetual use, encrypting the drives is unnecessary as the data is never at-rest.
As covered in a recent blog discussing a use case presented by a customer whereby a server was stolen during shipping for repair, Garry McCracken, Vice President Technology, CISSP at WinMagic, writes about the myths of data security on physical servers that are present in the market.
In the blog he outlines that, “all drives eventually leave the data center for repair or disposal, and having them encrypted protects you from having your old drives with your customer data on them show up on eBay.”
Leaving servers unencrypted is a risk that enterprises simply can’t afford – especially with evolving data privacy compliance requirements such as the EU-GDPR and the California Data Privacy Law.
Enterprise manageability
WinMagic’s SecureDoc for Servers and OSA (Operating System Agnostic) for Servers help enterprises lock down their physical infrastructure investment, offering software or hardware full disk encryption and a host of other features to manage and secure the data residing on a company’s servers.
In the event of the theft or loss of an encrypted drive, with the assistance of WinMagic’s intelligent key management, the drive can be crypto-erased if operational, and if not, the data is rendered inaccessible with removal of the encryption key – mitigating the damage as a result of a data breach.
The strength of SecureDoc is in its versatility. SecureDoc is able to manage operating system native software encryption (Windows, Apple and Linux), Self-Encrypting Drives, and SecureDoc’s own FIPS 140-2 certified software encryption.
SecureDoc is compatible with the storage approaches and common operating systems, eliminating many of the common hassles associated with encryption management.
In addition, SecureDoc’s PBConnex solution, a pre-boot network-based functionality which authenticates encrypted devices to the network before the operating system ever loads, ensures that data is never exposed without proper credentials being verified before the standard operating system log-in process.
The bottom line is that organizations should encrypt all servers in the branch or office server closet, data center, or in the colocation facility.
This protects the business and data in the event of the physical removal of hard drives. With encryption solutions becoming much less impactful on device performance, and with increasing data privacy compliance requirements and the fines attached with a compliance failure, there is no reason not to encrypt data at every point within the business. It’s simply a healthy data security health practice.