Whole Disk Encryption Explained
“We have whole disk encryption installed so all of our data is encrypted.” – Anonymous CISO
There are a lot of security professionals and lay people who seem to believe that once data is encrypted it is protected at all times, but that is simply not the case. Worse yet, vendors play into this misconception and obscure the issue with lots of words and phrases about seemingly complicated encryption algorithms, key management procedures and the like, all of which turn out to be meaningless when it comes to protecting data on running systems with whole disk encryption. As a result, I felt it was time to clear up this misunderstanding and mumbo jumbo.
First things first, we need to discuss how whole disk encryption works. As its name implies, whole disk encryption encrypts an entire disk drive. When a file on the encrypted drive is accessed, the encryption solution decrypts only the file being accessed, using the decryption key/passphrase provided at system startup, and the rest of the drive remains encrypted. There are two reasons for this. The first is performance: only the files actually needed are decrypted while the system is running. The other is that, if a system failure occurs or the system is shut down deliberately, the drive is always protected by encryption (i.e., the system fails closed).
That is the key concept of whole disk encryption. In practice, the drive is only protected by encryption when the system is shut down. If the system is running, the encryption is effectively not in place because the operating system holds the decryption key/passphrase and can access the disk at will. That is why whole disk encryption is great for devices like notebooks and desktops that are shut down or put to sleep at some point.
This is also why whole disk encryption is meaningless when applied to a server because when is a server shut down?
NEVER! Or at least very, very rarely.
As a result, when an organization relies only on whole disk encryption on a running server, the only controls that protect the data are access controls, not encryption.
But it gets even more complicated when you add something like BitLocker into the mix. On a notebook or desktop running Windows, BitLocker may or may not be as strong as you might think, because BitLocker has a number of modes under which it can operate:
- It can operate stand-alone,
- It can integrate with Active Directory (AD), or
- It can rely on a trusted platform module (TPM) chip in the computer.
In stand-alone mode, BitLocker requires the user to provide the BitLocker key in order to boot the system, either by keying it in manually or by supplying a USB thumb drive that stores the key. If that key is not provided, the system will not even allow the user to log on. In stand-alone mode, the BitLocker key is not associated with the user's Windows credentials. This is similar to how VeraCrypt whole disk encryption works, which requires a key/passphrase to be entered before the system boots and a user can log on to the device (i.e., multifactor authentication).
However, in the AD or TPM modes, BitLocker operates behind the scenes and the end user never knows that their disk is encrypted. End users still log on to the system as always using their Windows credentials; behind the scenes, AD/TPM provide Windows with the key to decrypt the BitLocker volume, and the user is none the wiser.
This is why security standards such as the PCI DSS call out that you should not rely on whole disk encryption that is tied to the operating system, because it offers no real additional protection to the data. End user credentials are too easy to come by or guess compared with a multifactor approach, where a separate key/passphrase is required before OS credentials are even supplied.
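An added audit script (not from the article) that checks which of these modes a Windows volume is actually in, using the built-in Get-BitLockerVolume cmdlet. It assumes the BitLocker PowerShell module is present and the prompt is elevated; the grouping of protector types into "transparent" and "pre-boot secret" is my own classification.

```powershell
# Added audit script (not from the article): classify each BitLocker volume by
# whether Windows receives the key transparently at boot (TPM-only) or whether a
# separate pre-boot secret (PIN, startup key or password) must be supplied first.
# Assumes the BitLocker module (Get-BitLockerVolume) and an elevated prompt.

# Protector types that release the key to the OS with no user-supplied secret.
$transparent = @('Tpm')
# Protector types that require a separate secret before the OS can boot.
# Note: 'ExternalKey' is a USB startup key on an OS volume, but on a data volume
# it can also be an auto-unlock protector, so treat that case as a review item.
$preBoot     = @('TpmPin', 'TpmStartupKey', 'TpmPinStartupKey', 'Password', 'ExternalKey')

function Get-BitLockerModeAssessment {
    Get-BitLockerVolume | ForEach-Object {
        $vol   = $_
        $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })

        $assessment = if ($vol.ProtectionStatus -ne 'On' -or $vol.VolumeStatus -eq 'FullyDecrypted') {
            'NOT PROTECTED: volume is decrypted or protection is suspended'
        } elseif ($types | Where-Object { $preBoot -contains $_ }) {
            'Pre-boot secret required: data stays protected even if OS credentials are compromised'
        } elseif ($types | Where-Object { $transparent -contains $_ }) {
            'TPM-only: key released to the OS at boot; only OS access controls protect data while running'
        } else {
            'Recovery protectors only: review configuration'
        }

        [PSCustomObject]@{
            Volume        = $vol.MountPoint
            VolumeStatus  = $vol.VolumeStatus
            Protection    = $vol.ProtectionStatus
            KeyProtectors = ($types -join ', ')
            Assessment    = $assessment
        }
    }
}

# Print one row per volume so a reviewer can see at a glance which drives
# depend solely on Windows credentials for protection while the machine is up.
Get-BitLockerModeAssessment | Format-Table -AutoSize -Wrap
```

A volume reported as "TPM-only" is the transparent mode the article describes: the laptop is protected if the disk is removed, but a running or sleeping machine is guarded only by the Windows logon.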
Going back to our server example, if a drive in a SAN or NAS fails, the failed disk will still be encrypted when it is pulled from the array. But while that same server is running just fine, whole disk encryption provides no protection to the data stored on the array.
At the end of the day, whole disk encryption only protects data in the event of physical loss of a disk. Period. Nothing more. Nothing less.
That is the whole story. (Sorry, could not resist!)
Straight and to the point. This article clarified a lot for me. Now I look at my BitLocker encrypted laptop 💻 differently. Good read.