NIST logo

Publication Citation: Guide to Storage Encryption Technologies for End User Devices

NIST Authors in Bold

Author(s): Karen A. Scarfone; Murugiah P. Souppaya; Matt Sexton;
Title: Guide to Storage Encryption Technologies for End User Devices
Published: November 15, 2007
Abstract: Many threats against end user devices, such as desktop and laptop computers, smart phones, personal digital assistants, and removable media, could cause information stored on the devices to be accessed by unauthorized parties. To prevent such disclosures of information, the information needs to be secured. This publication explains the basics of storage encryption, which is the process of using encryption and authentication to restrict access to and use of stored information. The appropriate storage encryption solution for a particular situation depends primarily upon the type of storage, the amount of information that needs to be protected, the environments where the storage will be located, and the threats that need to be mitigated. This publication describes three types of solutions,full disk encryption, volume and virtual disk encryption, and file/folder encryption,and makes recommendations for implementing and using each type. This publication also includes several use case examples, which illustrate that there are multiple ways to meet most storage encryption needs.
Citation: NIST SP - 800-111
Keywords: computer security; mobile device security; removable media security; storage encryption; storage security
Research Areas: Threats & Vulnerabilities, Telcommunications/Wireless, Computer Security
PDF version: PDF Document Click here to retrieve PDF version of paper (218KB)