Last week, McAfee bought SafeBoot, while Check Point Software Technologies grabbed PointSec a few months back. Why are we seeing a PC-encryption shopping spree? Because large organizations are no longer willing to gamble with lost or stolen laptops. For $200 or less, I can encrypt each laptop that goes out the door. This seems like a better use of money than coughing up $250 million of unanticipated CYA spending as the result of a data breach.
So here's the problem with this scenario and software-based encryption. Software utilities are about to hit a wall called Moore's Law. Cryptographic processing is getting cheaper and cheaper and it is always better to off-load encryption operations than delegate them to a system CPU in order to maximize system performance.
I recently witnessed a test between hardware- and software-based encryption that leaves no doubt about this physical fact. Software-based encryption required about 20 to 30 percent CPU utilization for cryptographic operations. CPU utilization using a Seagate encrypting hard drive was zero percent. What about overall system latency? The hardware introduces almost none; you are talking microseconds.
In the next few years, laptops will come with encrypting hard drives as standard equipment. At first, these systems will carry a minimal price premium but ultimately the delta will diminish. Since software encryption isn't free either, IT managers will have to choose between a "no fuss" encrypting hard drive and software licenses, installation, maintenance and costs as well as up to 30 percent CPU overhead on each device.
This is a no-brainer to me.