The price of full disk encryption: $232 per user, per year

Summary: While costs vary dramatically based on factors such as organization size and the industry involved, the most expensive aspect of full disk encryption is the "user time incurred operating computer" featuring the technology.


Is it worth using full disk encryption (FDE)? According to research carried out by Ponemon Institute (funded by WinMagic), the benefits far outweigh the costs.

The report, "Total Cost of Ownership for Full Disk Encryption," is based on a survey of 1,335 IT and IT security individuals in the U.S., the U.K., Germany and Japan and looks at the costs and benefits associated with FDE.

"Encryption is important to mitigating the damage caused by data breaches, complying with privacy and data protection regulations, and preserving brand and reputation," claims the report. "In order to make rational decisions regarding the optimum use of encryption, it is important to comprehend the total cost of ownership (TCO). This particularly applies to solutions believed to be free but may have significantly higher TCO than commercial products".

According to the report, the costs depend on a number of factors. First is the size of the organization: the larger the organization, the lower the costs. Another variable is industry. Heavily regulated industries such as financial services have the highest costs, while less regulated industries such as entertainment have the lowest.

What's interesting in the report is the discovery that the most expensive aspect of FDE is not the encryption hardware or software, but the "user time incurred operating computer with FDE". In other words, it is the increased time it takes to start up and shut down a system featuring FDE.

Totaled up, the costs of FDE work out at $232 per user, per year in the U.S. This rises to $264 per user, per year in Japan.

So, if it costs $232 per user, per year, what are the benefits? After some serious number crunching that used extrapolations from the survey, Ponemon estimates the cost savings from reduced data breach exposure to be $4,650.

In conclusion, the report states that, "the value of FDE far outweighs the costs by a factor 4 to 20 depending on the region". It goes on to point out that "the user and IT cost of deploying and running a full disk encryption solution is much higher than the pure software cost".

This, claims the report, "sheds a new light on allegedly 'free' encryption solution that come with operating systems" which "may have a significantly higher TCO compared to commercial FDE solutions that have a minimum impact on IT processes and user productivity".

Image source: Ponemon Institute.

  • By any chance

    Does WinMagic sell a full disk encryption system with management tools? ;-)

    Certainly the massive improvements to BitLocker in Windows 8 will drop some of those figures but does any business really think full-disk encryption can be done without investing in management tools (System Center or any of the many third-party options)?
    • .

      Does any business that will deploy Windows 8 / 7 with BitLocker not have System Center?
  • bitlocker..

    Bitlocker... is the way forward!
  • Checkpoint is the best company for Full Disk Encryption

    Checkpoint, NASDAQ CHKP is the world leader in full disk encryption. It has the following features:

    Pre Boot authentication
    Centralized management
    Secure Remote Help
    Full AES 256bit encryption on user data, OS files and attempts to copy files or introduce rogue programs are blocked even when hard drive is removed and slaved in a different computer.
    Gabriel Hernandez
    • erm

      Isn't that basically what BitLocker with TPM does?
  • Not so fast

    There are already hacks for FDEs and while they are not cheap nor simple, systems in most need of FDE are likely also the ones that would be targeted with that type of hack.
    • Stopping the 90%

      The point on encryption, and all security, is to stop the casual to intermediate user / thief from obtaining your information.
      No encryption is truly perfect (by the simple fact that humans use it - see sticky notes on laptops) but as long as companies can declare that they have taken suitable precautions then they will avoid liability and bad press.
      Remember, the vast majority of data loss has not resulted in sensitive information being used against a company or individual.
  • You Mean It’s Not Built Into Your OS?

    On Android and other Linux systems, full-disk encryption is just a checkbox away.
    • FDE without a surrounding infrastructure is dangerous

      BitLocker is pretty close to a check-box away on Windows. However, I'd *never* recommend that anyone use it unless it was in a domain, and unless the domain was properly set up for it (or they used System Center to administer it). Full disk encryption is one lost password (or a few other things) away from full-disk brick.
  • I thought . . .

    . . . that was the point!