Server encryption

[Bill Moran]

In response to David Karapetyan <dkarapet at nd.edu>:

> Hello, I was wondering if it was a worthwhile endeavor to encrypt a 
> backup hard drive on a server that I currently have in my office at 
> school (I am a graduate student). I do have sensitive data on it 
> (backups of my mail, as well as an msmtprc file that contains the 
> password to a gmail account of mine). I am not particularly worried 
> about theft of my server, but you never know. Am I simply being 
> paranoid, or is there a considerable risk when one does not encrypt?

If you don't encrypt the data and the server is stolen, the thief
has your data if he wants it.

If you do encrypt it, the thief has to go to considerable length to
steal the system without powering it down, and even then it's difficult
to get the actual data.

Most thieves don't care about your data.  The value of the hardware is
enough, and they'll probably reformat the HDD with a bootleg Windows
Vista install anyway.

You have to decide for yourself whether you feel the risk justifies
the effort.  Keep in mind that if you encrypt the drive, you'll have
to enter the password any time the system is rebooted (such as after
a power outage).

Hope this helps.

-- 
Bill Moran
http://www.potentialtech.com
http://people.collaborativefusion.com/~wmoran/