Virtual Environments such as Amazon AWS and Microsoft Azure are becoming a popular choice for cloud storage, but it isn’t uncommon for businesses to operate and manage their own physical servers – either on premise or via third-party data centres - and the data they hold is incredibly valuable. But, given their static existence, do they really need to be encrypted?
Often, articles will suggest that these physical servers do not need to be encrypted.
The arguments are usually as follows:
Physical servers are usually well-protected within business' walls, inside an even more secure data centre
The servers can, and usually do, run for many months or years before being brought down
Full Disk Encryption (FDE) is really only for the protection of data 'at rest' - physical servers usually keep data moving
Adding another layer of security comes at the cost of reduced convenience
These statements are accurate, but we don't... Continue Reading