Comment by nicce

1 day ago

Depends on what kind of data is in question. Backups and old incremental data can stay encrypted while disks are otherwise in use.

Hm yeah, I always think of encryption at rest as "the drive handles encryption itself", rather than "we encrypted these archives before we wrote them", but fair enough.

  • Not necessarily the drive, but yeah, where standards mandate encryption at rest you need to have the files on the live disk encrypted.

    Usually it's much less of a headache to LUKS/BitLocker/SED the whole drive so that you don't have to worry about swap files and logs.