Definition

full-disk encryption (FDE)

What is full-disk encryption (FDE)?

Full-disk encryption (FDE) is encryption at the hardware level. FDE works by automatically converting data on a hard drive into a form that cannot be understood by anyone who doesn’t have the key to “undo” the conversion. Without the proper authentication key, even if the hard drive is removed and placed in another machine, the data remains inaccessible. FDE can be installed on a computing device at the time of manufacturing or it can be added later on by installing a special software driver.

The advantage of FDE is that it requires no special attention on the part of the end user after the computer is initially unlocked. As data is written, it is automatically encrypted; when it is read, it is automatically decrypted. The disadvantage is that, because everything on the hard drive is encrypted, including the operating system, the encrypting/decrypting process can slow down data access times, particularly when virtual memory is being heavily accessed.

FDE is especially useful for laptops and other small computing devices that can be physically lost or stolen. Because one key is used to encrypt the entire hard drive, FDE on the corporate level requires the network administrator to enforce a strong password policy and provide an encryption key backup process in case an employee forgets the password or leaves the company unexpectedly.

Learn More

Security expert Noah Schiffman explores laptop encryption options.
http://searchfinancialsecurity.techtarget.com/tip/0,289483,sid185_gci1320727,00.html

Wikipedia has a chart that compares different disk encryption software applications.
http://en.wikipedia.org/wiki/Comparison_of_disk_encryption_software

This was last updated in March 2010
Posted by: Margaret Rouse
