Definition

full-disk encryption (FDE)

Part of the Network administration glossary:

What is full-disk encryption (FDE)?

Next Steps

Full-disk encryption (FDE) is encryption at the hardware level. FDE works by automatically converting data on a hard drive into a form that cannot be understood by anyone who doesn’t have the key to “undo” the conversion. Without the proper authentication key, even if the hard drive is removed and placed in another machine, the data remains inaccessible. FDE can be installed on a computing device at the time of manufacturing or it can be added later on by installing a special software driver.

The advantage of FDE is that it requires no special attention on the part of the end user after he initially unlocks the computer. As data is written, it is automatically encrypted. When it is read, it is automatically decrypted. Because everything on the hard drive is encrypted, including the operating system, a disadvantage of FDE is that the encrypting/decrypting process can slow down data access times, particularly when virtual memory is being heavily accessed.

FDE is especially useful for laptops and other small computing devices that can be physically lost or stolen. Because one key is used to encrypt the entire hard drive, FDE on the corporate level requires the network administrator to enforce a strong password policy and provide an encryption key backup process in case an employee forgets his password or leaves the company unexpectedly.

Learn More

Security expert Noah Schiffman explores laptop encryption options.
http://searchfinancialsecurity.techtarget.com/tip/0,289483,sid185_gci1320727,00.html

Wikipedia has a chart that compares different disk encryption software applications.
http://en.wikipedia.org/wiki/Comparison_of_disk_encryption_software

This was last updated in March 2010
Posted by: Margaret Rouse

Related Terms

Definitions

  • hosted services

    - Hosted services are outsourced information technology (IT) systems and functions. A hosted service provider owns and oversees infrastructure, software and administrative tasks and makes the system ... (SearchITChannel.com)

  • managed hosting

    - Managed hosting is an IT operations model in which a service provider leases dedicated servers and associated hardware to a single client. The equipment is at the hosting provider's facility and ma... (SearchITChannel.com)

  • I/O contention (input/output contention)

    - I/O contention (input/output contention), occurs when virtual machines compete for I/O resources because there is a limited storage bandwidth. (SearchStorage.com)

Glossaries

  • Network administration

    - Terms related to managing computer networks, including definitions about LANS or WANS and words and phrases about network design, troubleshooting, security and backups.

  • Network hardware

    - Terms related to network hardware, including definitions about cables or file servers and words and phrases about routers and switches.

  • Network security

    - Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

Dig Deeper

People Who Read This Also Read...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.
    Back to top