Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Server Data Encryption

Posted on 2011-02-11
6
Medium Priority
?
431 Views
Last Modified: 2012-05-11
Over the last several years, we have been increasing data security and making every effort to better secure our client data, particularly PII.  As a result, we are to the point where we are evaluating the need to encrypt the data on all of our branch office servers, which includes both Exchange and files shares.  
 
We are interested in finding out if any of you are encrypting your server data and if so, how are you accomplishing it?  Has anyone used EFS on file shares and Exchange and if so, what are the performance implications?  Has anyone used self encrypting drives and have you had any issues or performance implications with them?  
0
Comment
Question by:Netopsprime
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 25

Expert Comment

by:RobMobility
ID: 34872174
Hi,

If you're running Server 2008 you have the option of BitLocker encryption - this protects the drive when powered down:

http://technet.microsoft.com/en-us/library/cc731549(WS.10).aspx

Regards,


RobMobility.
0
 

Author Comment

by:Netopsprime
ID: 34872270
I am using Windows Server 2003 with Exchange 2003.
0
 

Expert Comment

by:mary_87
ID: 34872314
The Best Idea is to establish VPN Connection between the physical locations for security
so if you can send me the network diagram for the whole offices so I can give you the best design to your network .
also is there any routers, firewalls are used or you just use windows servers?
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 

Author Comment

by:Netopsprime
ID: 34872353
I'm not interested in data in transit, I have that covered.  I am interested in data at rest or mitigating against something like a server being stolen, etc.
0
 
LVL 25

Accepted Solution

by:
RobMobility earned 1500 total points
ID: 34872519
Hi,

Perhaps you should consider a 3rd party data at rest solution that's compatible with any RAID configuration you have. Ideally, 3 factor authentication should be used - e.g. TPM, USB and PIN or USB key, PIN and password.

That way if the server is stolen, nobody can start it or access data on the drives as they are in an encrypted state.

Go for a commerical tool with FIPS validated encryption.

Regards.


RobMobility.
0
 

Author Closing Comment

by:Netopsprime
ID: 34982566
We believe of all the options available Self Encrypting Drives will be the best solution. Thx all.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question