NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

wchp's avatar
wchp
Luminary
Mar 22, 2010

Disk/Volume Encryption

With the recent introduction of MA CMR-17 law, most businesses are now required/encouraged to encrypt all customer data. What if any timeline is there for the Readynas products to support AES encrypt...
Before You Buy
wchp's avatar
wchp
Luminary
Oct 20, 2010
sphardy wrote:
@whcp
Encryption is no longer a feature for our customers.

On disk encryption provides additional physical protection to data and so might help in the case of, for example, theft (ie stealing the HDD from the NAS), but it doesn't protect against theft by the business being hacked.
So can you please explain the type of customers affected by this? It's not like your customers would forget they had a NAS on the back seat of the car and had it stolen - these things are usually locked away in secure server room with very limited access.
Please enlighten me - I must be missing something


Stolen... exactly!
Just finnished converting a small law office from a NVX to a QNAP TS-459 Pro+ Turbo NAS last month. We enabled AES 256 bit Volume-based encryption on the QNAP.
Over this past weekend the office was broken into and ALL hardware was taken.
All PCs and Laptops were running BitLocker.
The QNAP was AES encrypted.
The Copy machine used a hardware based encrypted drive. ALL STOLEN but...
It was reported = NO fine.
It was all encrypted = NO fine.
Personal records were not accessable = NO fine.
Data was synced to Amazon S3 so we were able to have the office back up and running by the end of the day Monday.
I dont know where you think folks are storing these units in small offices but a locked closet door gets kicked in and that is the end to your physical security.
The NVX is now at one of the Partners homes acting as a media server...
Security is 70% policy, 20% physical and 10% digital. Encryption is ofter the last line of defense but is no less important.
Security by obscurity is not a viable option in todays market!
AND a customer did have a NAS stolen from her trunk while she was moving between offices (Good thing it was a Synology DS210+ with AES enabled)!
Dont get me wrong... I will not part with my personal Pro but for businesses, we are no longer comfortable reccomending the product!

P.S. Hacking is a seperate issue that is addressed with 2 factor authenticaion, disabling IO devices, using UTM appliences as active gateways or in transparent mode, propper firewall configs, email encryption and forced password policies with change intervals and/or the use of SID's.
Drive encryption has become a critical component in todays environment.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More