This is for a small optometrist office that will just have a server rack in the back office, no secured datacenter involved. If someone kicks down the door, breaks open the rack enclosure, then breaks off the server's security cover, they can then un-rack the server or remove the drives. I think the real concern here is that theft is actually possible, and if it does happen, we need to be certain the data cannot be retrieved.
Jimmy

From: [email protected] [mailto:[email protected]] On Behalf Of Ziots, Edward
Sent: Thursday, January 16, 2014 7:53 AM
To: [email protected]
Subject: [NTSysADM] RE: encrypting Server 2008 R2 virtual disk

Here is my question on the encryption part, which HIPAA doesn't really give a lot of leeway on.

1) If you are in a virtual environment, which you are claiming, then how is someone going to steal the VMDK without having access to the LUN (SAN or local) on the datastore in which it resides? (Pretty hard to walk into a datacenter with an ESX box and go steal the disk with the data on it.)

Encryption by the specification is "addressable", and the real areas of risk are mobile devices (phones, tablets, laptops), where the cost and justification of the control is higher. (This is the risk management part of HIPAA 164.308(a) that a lot of people don't look into when looking at what needs to be done.)

I know this isn't a full answer to your question, but I wanted to get you context to what is being asked and where the real risk resides.

Z

From: [email protected] [mailto:[email protected]] On Behalf Of Jimmy Tran
Sent: Thursday, January 16, 2014 9:48 AM
To: [email protected]
Subject: [NTSysADM] encrypting Server 2008 R2 virtual disk

I have a client who needs to comply with HIPAA requirements and encrypt their data. The Windows Server 2008 R2 is a guest on ESXi 5.5. I looked at BitLocker, and although VMware doesn't support it, it can still be done. The data is currently planned to reside on the local datastore. Encrypting the entire datastore would be ideal, but I'm not aware of any tools to do this. Does anyone have any recommendations?

Thanks,
Jimmy

