Originally posted here by Soda_Popinsky
There has to be some guideline for determining what data is worth encrypting and what isn't...

For instance-

Passwords which may be accessible via web application should be encrypted.
A document outlining a trade secret should not be encrypted. (I don't really mean this... keep reading)

Why? Because a trade secret will be forever valuable, and you can't switch through trade secrets every 90 days. History has proven that it will be compromised, given enough time, resources, or knowledge of the algorithm. Is it safe to say that if encryption is needed on a document holding a trade secret, then that document is somewhere it shouldn't belong?
This is where data classification comes into play. If data is federally protected, you better be damn sure to encrypt it, and if it's sensitive to the company then you would be better off encrypting it. Stolen data that has been encrypted isn't considered compromised. However, if the private key is stolen as well... well, then you have a problem. I use MD5 and SHA-1 currently for file and disk verification... I just need 200GB of RAM to handle the disks I need to hash so it doesn't take an hour or so.
When it comes to documents I think people really need to start looking at DRM.

Everything outlives its usefulness... look at RC4.