October 27, 2005 – 4:06 pm
Estava lendo mais um “10 mitos sobre segurança” de maneira meio cética, pois a coisa estava com cara de vendors pitch, mas pesquei um negócio em um deles que foi muito bem dito e pouca gente sabe (destaque meu):
“8. Full-disk encryption on workstations and laptops will protect my data against unauthorized access.
Probably not. Most full-disk encryption software only protects computers that happen to be turned off at the time. When they’re turned on, everything is automatically decrypted when read, and delivered to anyone with access to the computer. If you’re afraid of your laptop being stolen, full disk encryption will keep the data from being read as long as it’s stolen while turned off. But it probably won’t protect at all against someone logging in to your computer remotely while it’s attached to the network.“
Ou seja, fitas de backup ou laptops, faz sentido, pois eles podem ser “stolen while turned off”. Agora, encriptar bases de dados de produção…ainda não acredito que traga benefícios em termos de segurança que compensem o custo em termos de performance.
