[openstack-dev] Volume Encryption

Paul Sarin-Pollet psarpol at gmx.com
Mon Mar 11 10:45:32 UTC 2013


I don't have any interest in a protection against the data center employees. They are all trusted administrator and could have easier and more discrete ways to steal data than to steal a disk.
I think encryption can be a good protection against a theft inside data center only if every hard disk is encrypted, not only nova volumes. But it costs CPU and hard drive time, thus it costs money...
----- Original Message -----
From: Caitlin Bestler
Sent: 03/08/13 03:49 PM
To: OpenStack Development Mailing List
Subject: Re: [openstack-dev] Volume Encryption

Done properly, volume and/or object encryption eliminates the need to degauss drives
before de-commissioning them. Encryption also protects against theft of the drives.
Degaussing would only be effective against drive theft if the thieves were obliging
enough to provide advance notice so you could degauss the specific drives just
before they were stolen.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130311/13c65f5a/attachment.html>


More information about the OpenStack-dev mailing list