AlertBoot Endpoint Security

Musician Peter Gabriel Shows Us The Need For Full Disk Encryption

Peter Gabriel shows, albeit indirectly and unwittingly, why one needs full disk encryption if data security is the ultimate objective.  Gabriel’s servers that powered his website—hosted at a data center—were stolen.  This affects more than a website with a litany of Gabriel’s accomplishments.  I’ve never been to the site before, and it’s not operating at 100%, obviously, but a look at the temporary stand‑in makes it apparent the stolen servers were at the center for getting all things Gabriel‑related, including the sale of music and concert tickets.

 

Break-ins into data centers are nothing new.  I’ve heard the entire gamut, from people strolling in while waving at the guard (and the guard waving back, which is why I dropped the word “security” from “security guard”) to using chainsaws and going through the walls, literally.  Break‑ins of any kind are not common when it comes to data centers, especially if the facility was built with security in mind—RFID key cards, locked spaces with bullet‑proof glass built for identity checks, and guys with semi‑automatic weapons.  But, it does happen once in a while (and, lately, it seems, with growing frequency).  And, of course, if a server is stolen, all the data in it is stolen as well, and available for the perps to use.

 

Or is it?  The digital world is an odd one, and what’s true for the physical world does not always translate to the digital world.  If a file cabinet full of top secret documents gets stolen, all that information is stolen as well.  The thief will have easy access to the documents.  Even if the cabinet were locked, one could rip the walls of the cabinet to get to the contents.  In the physical world, theft can easily result in an information breach.

 

Likewise, the physical theft of a server with digital information can result in an information breach.  Sure, one can set up password protection, but the equivalent of “ripping the walls” to get to the data exists in the digital world as well.  However, the digital world offers ways to protect information when it’s stolen so that it doesn’t fall into the wrong hands.  This method of protection is called encryption, and generally comes in two forms: full disk encryption and file encryption.

 

The latter has a physical counterpart as well.  File encryption, basically speaking, is just substituting one character for another via a particular set of rules.  If you’ve ever come across a paper document full of gibberish, you’ve probably come across a document whose contents are encrypted (or, someone’s master’s thesis in electrical engineering).

 

Full disk encryption, on the other hand, doesn’t have a physical counterpart.  Like file encryption, it uses rules of substitution, changing each bit found on the hard drive itself; however, the individual files are not themselves encrypted if you use full disk encryption, so a file copied off the unlocked drive leaves in readable form.  For example, if you e-mail a file that’s found on a hard drive with full disk encryption, the file can be read by the recipient without any problems.  If you send him a file that was protected with file encryption, he’ll require a key to unscramble the contents of the file.
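The difference described above, as an added example that is not part of the original post: a toy disk whose sectors are encrypted at rest, holding one ordinary file and one file-encrypted file. The SHA-256 keystream is a stand-in for a real disk or file cipher, and every name, key and the sample record are constructed for illustration.

```python
import hashlib

ORDER = b"ticket order: 2 seats (constructed sample)"

def xor_cipher(key: bytes, tweak: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with a SHA-256 keystream. Illustration only."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + tweak + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

class EncryptedDisk:
    """Sectors are ciphertext at rest; reads through the unlocked volume return plaintext."""
    def __init__(self, disk_key: bytes):
        self._key = disk_key
        self.raw = {}  # sector number -> ciphertext, i.e. what sits on the stolen hardware

    def write(self, sector: int, data: bytes) -> None:
        self.raw[sector] = xor_cipher(self._key, sector.to_bytes(8, "big"), data)

    def read(self, sector: int) -> bytes:
        return xor_cipher(self._key, sector.to_bytes(8, "big"), self.raw[sector])

def demo() -> dict:
    file_key = b"file key (constructed)"
    disk = EncryptedDisk(b"disk key (constructed)")
    disk.write(0, ORDER)                                      # ordinary file
    disk.write(1, xor_cipher(file_key, b"order.txt", ORDER))  # file-encrypted file
    plain_attachment = disk.read(0)      # e-mailed from the running, unlocked system
    protected_attachment = disk.read(1)  # same path, but the file layer is still applied
    return {
        # The thief holds only the raw sectors, never the disk key.
        "thief_sees_order": any(ORDER in c for c in disk.raw.values()),
        "plain_attachment": plain_attachment,
        "protected_attachment": protected_attachment,
        "recipient_with_file_key": xor_cipher(file_key, b"order.txt", protected_attachment),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "=", value)
```

The thief's view assumes the server was powered off when taken and that the disk key is not stored alongside it.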

 

The closest physical-world analogue to full disk encryption is really thick walls on a file cabinet, since the contents of the file cabinet don’t change.  Really thick walls.  I mean, we’re talking a thickness that’s incomprehensible.  Like a safe whose walls have the thickness of Indiana. (You think driving across Indiana took forever, eh?  Try blowing up or drilling through a wall the thickness of Indiana.  Yep, that’d be a pretty secure cabinet.)

 

Both forms of securing your digital assets are available from AlertBoot.  The idea is to use them together as complementary solutions and enhance security.  After all, you don’t necessarily have to choose between an armed guard and a safe.  You do have the option of using both for security purposes.  Or, just use one or the other—just make sure you understand what your data security requirements are prior to making a decision.

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with Data Guard Systems, Inc., the leading provider of managed endpoint security services, based in New York, NY. Mr. Lee helps with the deployment and ongoing support of both the AlertBoot disk encryption managed service and the CellularManager cellular pos service for Data Guard's customers. Prior to working at Data Guard Systems, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.