Emerging Tech

IBM starts massive deployment of disk encryption

Word has it that IBM is in the midst of embarking on a massive rollout of PGP's whole-disk encryption. The scheme is being rolled out on the desktops and laptops of 355,000 employees over the course of this year.

Word has it that IBM is in the midst of embarking on a massive rollout of PGP's whole-disk encryption. The scheme is being rolled out on the desktops and laptops of 355,000 employees over the course of this year.

Says Alan Mitchell, an IBM senior technical staff member, "This is an enterprise-wide deployment worldwide through 2008." He noted that "we're using whole-disk encryption to protect assets."

Excerpt from Network World:

PGP’s software hides data at rest with encryption. IBM's pilot program with it last year found the key management to be fairly simple. Over time, IBM expects to include language requiring encryption in its contracts with business partners that handle IBM-related data.

There is no word on the cost for the encryption software rollout to IBM.

Does your organization utilize or mandate any form of data encryption? What about your personal laptop? Do you protect it using encryption?

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

4 comments
DV!
DV!

It sounds great. But how would a non-encrypted machine be able to decrypt/access the files sent to it?

Neon Samurai
Neon Samurai

I think they are only encrypting the machine's storage. PGP Desktop will confirm identity before it boots whatever OS they run on the staff machines. The encrypted drives are then read through the PGP Desktop layer or PGP disk driver. Files being sent in and out of the machine are already decrypted through reading them off the storage drive so they don't attached too email or transfer over the network cable as an encrypted block of data. Servers would work the same with, read/write too the storage includes the encrytpion/decryption steps. You'd have trouble putting that hard drive in another machine to read it or reading the drive with a liveCD since they wouldn't be able to access the encrypted partition (or vault file, unsure which it uses).

paulmah
paulmah

Does your organization utilize or mandate any form of data encryption? What about your personal laptop? Do you protect it with encryption?

Editor's Picks