Definition

full-disk encryption (FDE)

Part of the Network administration glossary:

What is full-disk encryption (FDE)?

Full-disk encryption (FDE) is encryption at the hardware level. FDE works by automatically converting data on a hard drive into a form that cannot be understood by anyone who doesn’t have the key to “undo” the conversion. Without the proper authentication key, even if the hard drive is removed and placed in another machine, the data remains inaccessible. FDE can be installed on a computing device at the time of manufacturing or it can be added later on by installing a special software driver.

The advantage of FDE is that it requires no special attention on the part of the end user after he initially unlocks the computer. As data is written, it is automatically encrypted. When it is read, it is automatically decrypted. Because everything on the hard drive is encrypted, including the operating system, a disadvantage of FDE is that the encrypting/decrypting process can slow down data access times, particularly when virtual memory is being heavily accessed.

FDE is especially useful for laptops and other small computing devices that can be physically lost or stolen. Because one key is used to encrypt the entire hard drive, FDE on the corporate level requires the network administrator to enforce a strong password policy and provide an encryption key backup process in case an employee forgets his password or leaves the company unexpectedly.

Learn More

Security expert Noah Schiffman explores laptop encryption options.
http://searchfinancialsecurity.techtarget.com/tip/0,289483,sid185_gci1320727,00.html

Wikipedia has a chart that compares different disk encryption software applications.
http://en.wikipedia.org/wiki/Comparison_of_disk_encryption_software

This was last updated in March 2010
Posted by: Margaret Rouse

Related Terms

Definitions

  • Iometer

    - Iometer allows users to set custom input/output profiles to simulate different application workloads for testing. Iometer is also a useful benchmarking tool for storage and is often used for storag... (WhatIs.com)

  • network functions virtualization (NFV)

    - Network functions virtualization (NFV) is an initiative to virtualize network functions previously carried out by dedicated hardware. (searchSDN.com)

  • standard operating environment (SOE)

    - Standard operating environments (SOE) simplify desktop deployment and network administration within an organization. SOEs are usually deployed through disk images that typically include the OS, its... (WhatIs.com)

Glossaries

  • Network administration

    - Terms related to managing computer networks, including definitions about LANS or WANS and words and phrases about network design, troubleshooting, security and backups.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About full-disk encryption (FDE)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.