Solutions for Protecting Data at Rest
By Bill Bosen
As organizations struggle to implement encryption for stored data, one critical question frequently surfaces: which encryption method is best for our organization, file-level encryption or full-drive encryption?
The amount of protection provided by these two approaches differs greatly,
as does the management and user burden and the ability to meet legislative requirements.
Before embarking on either path, it's critical that an organization understands
the pros and cons of both techniques and carefully considers the best place
to start.
Need for encryption of stored data
While most organizations have been encrypting data in motion on their networks
for many years using technologies such as VPNs and SSL, encrypting
data as it is stored is just starting to gain momentum. It's high time,
since most computer crime comes from attackers who steal data directly from
stored locations. Very little data theft occurs these days from network traffic.
Instead, attackers are going after stored
data, including theft of financial information, IP, trade secrets, customer
data, and personal private information.
The news is full of incidents of stored data being stolen. The recent theft
of a hard drive belonging to the Transportation Security Administration (TSA)
containing the bank data, payroll information, and Social Security numbers of
about 100,000 employees serves as a stark example of the need to encrypt stored
data. Another notable incident occurred in 2006 when a laptop containing the
personal information of over 26 million military personnel was stolen from the
home of a Veterans Affairs Department employee. Qualcomm CEO Jeff Irwin Jacobs
had his laptop containing sensitive company data stolen during a news conference
when he was standing no more than 30 feet from it.
Victims of data theft face significant consequences. Not only do organizations
incur a loss of reputation that costs them current and future customers;
numerous laws
and regulations also mandate the encryption of sensitive data, and stiff penalties,
fines, and even jail time await those who don't implement the proper safeguards.
ChoicePoint Inc. must pay $15 million to settle charges that it failed to protect
consumers' personal information. DTI reports that 70% of companies go out of
business after a major data loss.
Methods of encrypting stored data
File-level encryption, as the name implies, encrypts files at an individual
level. Although this is sometimes referred to as folder encryption because all
of the files in a folder can generally be encrypted with one action, the technology
still operates at the individual file level. This means that one can encrypt
just those files that contain sensitive data and leave all other files unencrypted.
Of course, files are decrypted or encrypted only for users who properly authenticate
themselves.
On the other hand, full-drive encryption (FDE) automatically and transparently
encrypts all data including user and system files as they are written to the
disk drive. This is accomplished either in software through an add-on aftermarket
software hard disk driver, or through hardware in the disk drive itself. Most
FDE solutions require user authentication when the disk drive is powered on.
The drive will not allow access to unencrypted data unless the drive can properly
authenticate the user.
Comparison: file-level vs. FDE encryption
Both file-level and FDE approaches have advantages and disadvantages. In a
system using file-level encryption, since only sensitive files are encrypted
the system performance is faster than in a software based FDE system. This is
because the CPU is not impacted by constantly encrypting and decrypting system
or other files that don't require protection. While this is not usually an issue
for hardware-based encryption solutions, it can be a significant matter for
software-based solutions, particularly for older devices with less powerful
CPUs. For applications that open and close large files such as database oriented
applications or some email clients, the performance impact can be a showstopper.
Another advantage of file-based encryption is the installation process. It's
a frightening thing for users to have their data scrambled. A file-level encryption
solution allows users to back up and apply encryption to just a few files until
they gain confidence that either an operator error or technology problem won't
destroy their data. Contrast that with an FDE system that encrypts everything
at installation time. Regardless of how robust the solution is, users embark
on such a journey with fear and trepidation, not to mention the need to back
up the entire system beforehand. A file-level solution mitigates most of those
fears. It's important to note that not all FDE solutions suffer from these installation
issues; they don't apply to FDE solutions that are built in at the factory.
However, for add-on, software FDE solutions the installation concerns can be
a significant disadvantage.
A third advantage of file-based encryption is an attribute I'll call persistent
encryption. Protected files remain encrypted until an authorized application
or application plug-in opens them. The data can only be obtained in clear, unencrypted
format through an authorized application that authenticates the user. Other
applications attempting to read the file from the disk drive will be unable
to make sense of it. Even if spyware has infiltrated a system, it cannot obtain
a protected file from the disk. This also means that a protected file can be
sent via FTP or instant messenger, attached to an email, backed
up, copied to a USB drive or other removable media, and the protection remains
intact. The data encryption is persistent and is not dependent on any particular
device or location for its protection.
In spite of these advantages, file-level encryption has a number of disadvantages
that need to be well understood. First and perhaps foremost, is that file-level
encryption can be very difficult to deploy and manage from a policy point of
view. Organizations need to first determine what data needs to be encrypted
and that's not a trivial exercise. All existing documents need to be analyzed
for sensitive data. Determining what is sensitive and what isn't is not as easy
as it sounds, and getting the whole organization to agree on and enforce the
resulting policy can be even more difficult. Furthermore, a document initially
classified as non-sensitive might have sensitive data added later, so monitoring
all documents becomes an on-going discipline. In an attempt to ease this burden,
some organizations decide to encrypt all documents of a certain type, Microsoft
Word for example. But that causes problems too because, more often than not,
a user needs to send a non-sensitive document to someone, and getting an exception
to the policy is too much work to be practical.
Another disadvantage of file-level encryption is the dependence on user action.
Since users can inadvertently forget to encrypt a file that should be encrypted,
or intentionally choose not to, the whole security system is very prone to human
weaknesses. One of the underlying principles of effective security is that it
must be provable security. If management can't prove that all sensitive data
is encrypted at all times, the security will generally not be in compliance
with federal or other regulations, and management can be held accountable.
A third disadvantage of file-level encryption solutions is that it is sometimes
impossible, or at least impractical, to encrypt specific bits of sensitive data
within an application. For example, there is no way in Microsoft Outlook to
encrypt specific fields or a specific record within the Contacts database. The
only option is to encrypt all of the Outlook database files, which can significantly
degrade performance.
When deploying file-level encryption organizations also face key management
challenges and the need to integrate with multiple different operating systems.
A file encrypted on one PC can't be read on a different PC or by another individual
unless the decryption key is also available to them, and that adds a lot of
complexity to the system. The solution must also be present wherever files need
to be generated or read. If files are exchanged between PCs, Blackberrys, Macs,
and Linux systems, the solution must be present on all of those devices.
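The two file-level properties described above, persistence (the ciphertext stays protected wherever the bytes travel, and only the holder of the right key can open it) and the difficulty of proving that users actually encrypted everything they should have, can both be seen in a small model. The following Go program is an added example written for this page; it is not code from the article, from Trusted Strategies or from any vendor. The container layout (an "FLE1" tag, a nonce, then AES-256-GCM output), the function names, the credential strings and the "all .xlsx files are sensitive" policy are all constructed for the example. Deriving the key with plain SHA-256 is a simplification so the program runs offline; a product would use a slow password hash or a key released by a TPM or enterprise key server after authentication, which is exactly the key-management burden the article describes.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
)

// Constructed container layout: 4-byte tag, 12-byte GCM nonce, AES-256-GCM ciphertext+tag.
var magic = []byte("FLE1")

// deriveKey turns a user credential into a 256-bit key. Plain SHA-256 keeps the
// example self-contained; a product would use a slow password hash or a key
// released by a TPM or enterprise key server after authentication.
func deriveKey(c string) []byte { s := sha256.Sum256([]byte(c)); return s[:] }

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptFile seals one file's contents. The file name is bound as associated
// data, so a container renamed to pose as another file fails authentication.
func EncryptFile(key, plaintext []byte, name string) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	out := append(append([]byte{}, magic...), nonce...)
	return gcm.Seal(out, nonce, plaintext, []byte(name)), nil
}

// DecryptFile is the "authorized application": with the wrong key, a tampered
// body or a wrong name it returns an error, never bytes.
func DecryptFile(key, container []byte, name string) ([]byte, error) {
	if !IsEncrypted(container) {
		return nil, errors.New("not an encrypted container")
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	body := container[len(magic):]
	if len(body) < gcm.NonceSize() {
		return nil, errors.New("container truncated")
	}
	return gcm.Open(nil, body[:gcm.NonceSize()], body[gcm.NonceSize():], []byte(name))
}

// IsEncrypted is the check that works on any copy of the file (mail attachment,
// USB stick, backup tape): the protection travels with the bytes.
func IsEncrypted(data []byte) bool { return bytes.HasPrefix(data, magic) }

// AuditDir returns files that policy says must be encrypted (by extension) but
// are stored in the clear: the evidence "provable" compliance needs when
// encryption depends on users remembering to act.
func AuditDir(root string, sensitiveExt map[string]bool) ([]string, error) {
	var clear []string
	err := filepath.WalkDir(root, func(path string, d os.DirEntry, err error) error {
		if err != nil || d.IsDir() || !sensitiveExt[filepath.Ext(path)] {
			return err
		}
		data, err := os.ReadFile(path)
		if err == nil && !IsEncrypted(data) {
			clear = append(clear, path)
		}
		return err
	})
	return clear, err
}

func main() {
	key := deriveKey("user-passphrase") // constructed credential
	ct, _ := EncryptFile(key, []byte("SSN 000-00-0000"), "payroll.xlsx")
	fmt.Println("USB/attachment copy still encrypted:", IsEncrypted(append([]byte{}, ct...)))
	_, err := DecryptFile(deriveKey("other-user"), ct, "payroll.xlsx")
	fmt.Println("other user's key rejected:", err != nil)
	dir, _ := os.MkdirTemp("", "fle")
	defer os.RemoveAll(dir)
	os.WriteFile(filepath.Join(dir, "payroll.xlsx"), ct, 0o600)
	os.WriteFile(filepath.Join(dir, "forgotten.xlsx"), []byte("clear text"), 0o600)
	clear, _ := AuditDir(dir, map[string]bool{".xlsx": true})
	fmt.Println("sensitive files left in the clear:", clear)
}
```

AuditDir is the piece to notice: with file-level encryption, an organization cannot claim "all sensitive data is encrypted" without a recurring scan of this kind, and the scan is only as good as the policy that defines which files count as sensitive.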
Let's now turn our attention to the advantages and disadvantages of FDE systems.
Once installed, FDE-based solutions are completely automatic and transparent.
There are no burdensome administrative policies to establish or enforce because
everything is protected, even isolated records or fields within database applications.
The security is provable in an audit and it will hold up in court because it's
not subject to human weaknesses. While organizations still need a method to
recover data on a user's disk drive, the overall key management effort is a
fraction of that required in file-level solutions.
Users generally prefer FDE solutions because there are no added burdens for
them either. They don't have to make any decisions or press any buttons. Except
for authenticating themselves at start up, which in the better systems happens
only once and looks exactly like the authentication users are already used to,
users don't even need to know the security is present. It's totally transparent.
Another big advantage of FDE solutions is that they have been around since
the 1990s. The solutions are solid and very mature and are in use by large organizations
the world over. Their simplicity means a lot fewer problems to deploy and manage.
One FDE solution, DriveTrust from Seagate Technologies, is completely hardware-based
and as such has additional advantages. For instance, since all of the cryptographic
functions are performed within secure hardware, encryption keys are never vulnerable
to capture. Currently, there are no real hardware-based file-level encryption
solutions for enterprises. All file-level solutions use the CPU to encrypt and
decrypt the data, which means spyware could potentially capture the encryption
keys used within an enterprise as the process executes. DriveTrust is not subject
to this weakness.
However, FDE systems don't do everything. They do an excellent job of protecting
data on a system that has been shut down because an attacker can't start the
system and get any data. However, once an authorized user has started a system
and it is up and running, the effect is as if no encryption were in place. Every
read from the disk drive automatically decrypts data for any process that requests
the data. If a machine becomes infected with spyware, the ill-intended software
can obtain any data on the drive. If a machine is left unattended and unlocked,
an attacker who has physical access, even momentarily, can also obtain any and
all data.
FDE systems are designed to protect data on the disk drive. They don't protect
data anywhere else. Data that's encrypted on a hard disk is automatically decrypted
when it's read. If that data is copied and pasted as an attachment, the attachment
is in the clear, unencrypted, unless some other process such as SSL or a VPN later
encrypts it. If data is copied from the drive and burned to a CD, or copied
to a USB drive, that data is decrypted by the FDE system and will be in the
clear. It will not be protected by the FDE system, so unless some other protection
mechanism is in place to re-encrypt the data, it will be unprotected.
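The boundary the last two paragraphs describe, protected while the drive is locked and effectively unencrypted for every reader once it is unlocked, is easiest to see in a small model of a self-encrypting drive. The following Go program is an added example written for this page; it is not DriveTrust code or any vendor's implementation. The credential-check scheme, the `Drive` type and its method names, the pre-boot PIN and the sector contents are all constructed. Two simplifications are labelled in the code: the data-encryption key is derived straight from the credential (real drives generate a random key and wrap it), and sectors are encrypted with AES-CBC using ESSIV, the per-sector IV construction used by dm-crypt, because Go's standard library has no AES-XTS, which is what self-encrypting drives normally use.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

const sectorSize = 512
var ErrLocked = errors.New("drive locked: no data-encryption key in memory")

// Drive models a self-encrypting disk: the platter only ever holds ciphertext,
// and the data-encryption key (DEK) sits in drive RAM only between Unlock and Lock.
type Drive struct {
	platter []byte   // nSectors * sectorSize bytes of ciphertext
	check   [32]byte // verifier for the pre-boot credential (constructed scheme)
	dek     []byte   // nil while locked
}

// NewDrive provisions a drive protected by a pre-boot credential. Deriving the DEK
// straight from the credential is a simplification; real drives generate a random
// DEK and wrap it with a key derived from the credential.
func NewDrive(nSectors int, credential string) *Drive {
	dek := sha256.Sum256([]byte(credential))
	return &Drive{platter: make([]byte, nSectors*sectorSize), check: sha256.Sum256(dek[:])}
}

func (d *Drive) slot(n int) []byte { return d.platter[n*sectorSize : (n+1)*sectorSize] }

// Unlock is the power-on authentication most FDE products require.
func (d *Drive) Unlock(credential string) error {
	dek := sha256.Sum256([]byte(credential))
	if sha256.Sum256(dek[:]) != d.check {
		return errors.New("authentication failed")
	}
	d.dek = dek[:]
	return nil
}

// Lock discards the DEK, which is what powering the system off does.
func (d *Drive) Lock() { d.dek = nil }

// sectorIV is ESSIV as used by dm-crypt: IV = AES_{SHA-256(DEK)}(sector number),
// so equal plaintext in different sectors encrypts differently.
func (d *Drive) sectorIV(n int) []byte {
	salt := sha256.Sum256(d.dek)
	blk, _ := aes.NewCipher(salt[:])
	iv := make([]byte, aes.BlockSize)
	binary.BigEndian.PutUint64(iv[8:], uint64(n))
	blk.Encrypt(iv, iv)
	return iv
}

// Write encrypts transparently: nothing reaches the platter in the clear.
func (d *Drive) Write(n int, plain []byte) error {
	if d.dek == nil {
		return ErrLocked
	}
	if len(plain) != sectorSize {
		return errors.New("sector must be exactly 512 bytes")
	}
	blk, _ := aes.NewCipher(d.dek)
	cipher.NewCBCEncrypter(blk, d.sectorIV(n)).CryptBlocks(d.slot(n), plain)
	return nil
}

// Read decrypts transparently for whoever asks. Once unlocked, the drive cannot
// tell the user's editor from spyware or from a copy-to-USB operation.
func (d *Drive) Read(n int) ([]byte, error) {
	if d.dek == nil {
		return nil, ErrLocked
	}
	blk, _ := aes.NewCipher(d.dek)
	out := make([]byte, sectorSize)
	cipher.NewCBCDecrypter(blk, d.sectorIV(n)).CryptBlocks(out, d.slot(n))
	return out, nil
}

// RawPlatter is what someone who pulls the drive and images it sees.
func (d *Drive) RawPlatter(n int) []byte { return d.slot(n) }

func main() {
	secret := []byte("CONFIDENTIAL payroll")
	sector := append(secret, make([]byte, sectorSize-len(secret))...)
	d := NewDrive(8, "pre-boot PIN") // constructed credential
	d.Unlock("pre-boot PIN")
	d.Write(0, sector)
	fmt.Println("platter holds plaintext:", bytes.Contains(d.RawPlatter(0), secret))
	usb, _ := d.Read(0) // any process, including a USB copy, gets this
	fmt.Println("USB copy holds plaintext:", bytes.Contains(usb, secret))
	d.Lock()
	_, err := d.Read(0)
	fmt.Println("after power-off:", err)
}
```

Read has no notion of who is asking; that single fact is both the strength the article praises (no user decisions, nothing to forget) and the limit it warns about (an unlocked, unattended or infected machine hands out plaintext, and whatever is copied off the drive leaves unprotected).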
What's best for your organization?
When selecting a system to encrypt your organization's stored data, many factors
need to be considered as outlined above. FDE is the best approach for solid
protection of data stored on disk drives. However file-level protection is better
suited for providing persistent protection of files that are moving from device
to device. Since both technologies serve different needs, most organizations
will ultimately end up deploying both solutions at some point. The question
is, where does one start today?
If your organization already has FDE deployed, then rolling out a file-level
solution is a natural extension of your security and a good next step. However,
if you don't have any protection for stored data, starting with file-level encryption
and its added complexity may be overwhelming. Unless you can make a good case
that it's more important to protect data moving from device to device than it
is to protect data on your organization's disk drives, you are probably better
off starting with FDE. It's simpler, more mature, and gives you provable security.
The added security available with FDE solutions is another major consideration.
If your organization requires the utmost in security, make sure you understand
the potential of capturing the encryption keys during the execution of file-level
encryption systems.
For additional information regarding this study, contact:
Bill Bosen is a partner at Trusted Strategies LLC. Trusted Strategies, together
with Seagate, conducted the study.
www.trustedstrategies.com
www.seagate.com