|
|
|
|
|
|
by lazide
1277 days ago
|
|
|
There are secondary effects to not using encryption you can see. For instance, it greatly expands the scope of ‘I lost your data/I exposed your data’ notifications in places like California, and for those under many of those other rulesets. Someone getting access to a repo of encrypted drive images, or someone losing an encrypted drive, doesn’t count. And for reasonableish reasons. It’s a basic risk mitigation/blast radius limiting move. For physical/on-prem especially, since old disks tend to ‘wander’ after retirement, and it’s a great idea to always have had them full disk encrypted to reduce the odds someone sensitive gets exposed years down the line. |
|
|