0

As an additional layer of security on a windows server (stored on-site) I am considering to use TrueCrypt.

However my concern is if my webapp will still work as expected? I dont want anyone to access the machine but still have the webapp working as normal over the LAN.

Thanks

Santiago
  • 103
  • 1
  • 1
  • 3

2 Answers2

1

I think for any large-scale application that has to deal with high load, this would be a bad idea, but if it's small, this is a fine solution to encryption your data and running your web app off the mounted TrueCrypt drive.

atx
  • 1,281
  • 1
  • 9
  • 25
  • the app itself will be used in a small office with 4 client PCs.its not large scale. Would encrypting the C drive or partition on the server still allow the webapp to be hosted over the LAN/data to be read/written to the database on the server etc? – Santiago Mar 11 '11 at 11:01
  • Yes, TrueCrypt makes this seamless. – atx Mar 11 '11 at 11:01
0

The the way TrueCrypt and similar full disk encryption applications work hides the encryption layer from the operating system/applications etc. There is a slight performance hit, as every disk access requires an encrypt or decrypt, but for a low load application it will just work.

The slight caveat would be around unattended reboots - I am guessing you only use this server when you are on site, but if you needed to use it remotely, and a power cut had caused it to power down, you would need a physical presence to get it started up again.

Rory Alsop
  • 1,184
  • 11
  • 20
  • the server will be used when i am offsite. so that may be an issue if im not around and the box shuts down unexpectedly. Could I, encrypt a partition or even folder and give access to a user to start stop the services? – Santiago Mar 11 '11 at 14:35
  • @Santiago - if you are just encrypting a partition or folder, then yes, you will be able to do that. Not quite as secure as full disk encryption, but more practical in this set of circumstances. – Rory Alsop Mar 11 '11 at 15:20