And there are some agencies doing just

that in DC. The following are some reasons why full disc encryption is

preferable.

1) Encryption of temporary / swap is important as confidential data

maybe revealed from these files in case of HDD theft.

2) Quick Erase functionality as advertised by Seagate's FDE.2 drive

provide immediate data destruction by replacing the AES key on the

ASIC. This can save thousands of dollar the agency spends in proper

destruction of the HDD. See

http://www.seagate.com/docs/pdf/marketing/po_momentus_5400_fde_bb.pdf

3) user-proof. everything is encrypted if FDE is enabled.

4) pre-boot authentication.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/newsbriefs/239/1180#1180