Austin S. Hemmelgarn posted on Fri, 12 Aug 2016 08:04:42 -0400 as excerpted:
> On a file server? No, I'd ensure proper physical security is > established and make sure it's properly secured against network based > attacks and then not worry about it. Unless you have things you want to > hide from law enforcement or your government (which may or may not be > legal where you live) or can reasonably expect someone to steal the > system, you almost certainly don't actually need whole disk encryption. > There are two specific exceptions to this though: > 1. If your employer requires encryption on this system, that's their > call. > 2. Encrypted swap is a good thing regardless, because it prevents > security credentials from accidentally being written unencrypted to > persistent storage. In the US, medical records are pretty well protected under penalty of law (HIPPA, IIRC?). Anyone storing medical records here would do well to have full filesystem encryption for that reason. Of course financial records are sensitive as well, or even just forum login information, and then there's the various industrial spies from various countries (China being the one most frequently named) that would pay good money for unencrypted devices from the right sources. -- Duncan - List replies preferred. No HTML msgs. "Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
