As a data recovery laboratory, we experience full drive encryption from a different vantage point.
The encrypted data we work with usually is owned by the businesses and people who come to us seeking data recovery. They are trying to get their files back from a failed drive. The encryption – which may have been in place due to regulations, security concerns, or simply by default – now is a potential barrier that could lock them out forever.
From this perspective, we have a some general thoughts for the encryption industry and, based on the various encryption techniques we’ve seen, one specific recommendation for the consumer.
First off, full drive encryption really works. Without the proper keys, the information stays incomprehensible through very complex and effective encryption algorithms. In terms of writing encryption software, the various leading producers of encryption software have succeeded in their main goal. And it’s not normal to write software with an eye on hardware failure. Software is written with the reasonable assumption that it will be carried out by hardware able to execute its commands. You don’t write a recipe for cake without assuming the cook has a working oven.
But given that about seven percent of all hard drives fail every year, it’s worth thinking about what ability there is to retrieve extremely valuable data once a storage device fails. We believe the encryption industry should look at how its products affect the chance of an owner recovering encrypted data. It’s worth considering, for example, where the keys are kept and what happens if various sectors on an encrypted disc can no longer be read.
A few bad sector clusters on an unencrypted hard drive, for example, are no big deal for a data recovery laboratory — even if it involves the master file table definition. But a couple dead sectors on an encrypted drive can mean a complete inability to recover anything, depending on their location and the method of full drive encryption.
Without getting into an extremely long and technical discussion of how various methods of encryption affect data recovery, we do think it would be worthwhile to share one specific recommendation to businesses and others looking for a robust encryption method that does not make data recovery more difficult for the authorized user.
While there are some methods of encryption we’ve found less likely to pose an obstacle to data recovery than others, Safeboot is clearly the best. Safeboot encrypts its data in a way that never poses an obstacle to data recovery. If you use Safeboot and you haven’t lost your encryption key, recovering data from a failed drive depends on the normal factors for any other data recovery.
We offer this observation to give consumers another factor to consider when choosing an encryption service and to offer our observations about encryption based on experiences from a data recovery laboratory.
About Lee Sensenbrenner
Director of Product Marketing at Gillware, Inc.; former journalist and chief speechwriter for a governor; economics degree from UW-Madison.
This point hits some very valid points for me, specifically the importance of file encryption and how it can work against some businesses.
I have been working on a site that is SOLELY dedicated to data centers and data center management. If you and anyone else could check it out, im sure it can help you with alot of questions and shine new light on ideas. Let me know what you think. Thanks.