Disk Encryption

Disk encryption is carried out on computer systems by users and organisations to prevent unauthorised access to data. Disk encryption software or encryption hardware is used to encrypt all data located on the hard disk of a system. Whilst most a computer system can be encrypted, the master boot record must be left unencrypted as this plays a vital roll in the recovery of computer systems. Therefore a hard disk is not totally encrypted but the majority of it can be.
There are many benefits to disk encryption which will now be highlighted; people are advised to encrypt their data for their own personal security.
The first benefit is that areas of a computer which often hold confidential information, such as temporary files, are encrypted which prevents unauthorised access to the data. It must be considered that in the modern day there are vast amounts of personal and confidential data stored on computer systems which therefore means that security is paramount.
A full disk encryption which is carried out on a computer system will encrypt all of the files possible. This will therefore take the pressure away from the user as they do not have to select or remember which files to encrypt. Sensitive files are automatically encrypted which means security is always present.
When a disk has been decrypted it also eases the process of authenticating a computer as it is booted up. The system will check which files are secure; viewing all files as encrypted will speed up and support this process.
One major benefit of a full disk encryption is that data will be immediately destroyed; this is due to the cryptography keys being deleted which therefore leave the data useless. This is obviously a major benefit for users who deal with large amounts of secure data, ensuring that any data which has been mistakenly left on a system will become useless. It is worth noting that any data which is highly sensitive or hold security risks such also be physically destroyed.
Although there are many benefits to the process of full disk encryption, there are also some associated security concerns. The main risk associated with this method is the potential for cold boot attacks. This process occurs when encryption keys are stolen by cold-booting a machine which is already running an operating system, the contents of the memory are then taken before the data disappears. This potential risk must be considered by any users using a full disk encryption as a security method, other security methods should be put in place to work along side the encryption.
These measures may include using username and passwords to ensure only authorised members can access systems. An advanced technique is also using a smartcard which works in conjunction with a PIN number. An expensive and also advanced method also includes using biometric authentication methods; this includes methods such as fingerprint recognition and eye retina recognition.