Importance of protecting company data has led to the advent of various types of encryption solutions being deployed in the companies IT environments. One interesting question that comes to mind is if all of the company data that could potentially reside in different types of devices e.g. Desktops/Laptops/Smartphones etc. need to be encrypted? The answer to this question may need to take into account numerous considerations including security risk analysis, cost, management overhead etc.

 

Considering only laptops and desktops – we have observed that laptop encryption is more prevalent as compared to desktops. The two major questions then are 1) what reasons prevent enterprises from encrypting desktops?; 2) what reasons would motivate encryption of data in desktops?

 

Disadvantages of encrypting desktops

1)      Lack of security need due to low risk of theft – It may be less likely, given the physical and other security measures deployed in a company, that the physical desktops are stolen from the company premises

2)      Manageability costs and maintenance – Admins have to manage additional user credentials, increased helpdesk calls and also recovery of encrypted data is hard.

3)      Trend towards using stateless devices and virtual desktops

 

Advantages of encrypting desktops

1)      Insider Threat – Disgruntled employees stealing data from within the enterprise premises. Most desktops have bigger storage capabilities than laptops

2)      Regulatory Compliances require encryption of all devices

3)      Multi-User Machine- If there are multiple users that are using a common desktop and one of them happens to be malicious then encryption helps protect the data from such users.

 

Please take this quick survey and let us know what you think? Click Here to take survey