Your thoughts are quite perceptive. I'm (as you might expect) a fan of encryption, but there are only some things you can solve with encryption. Also, most all encryption is ultimately keyed by a password or passphrase, and if you lose that -- or it's hacked out from under you -- then all bets are off. Let's face it, if they know that the password is swordfish, it doesn't matter what crypto you used. And if that encrypted disk happens to be served on the network, then you didn't gain a thing from encryption. In spite of this, it isn't worthless. The main thing that disk encryption is good for is keeping your data reasonably safe if your machine vanishes. This isn't a huge factor with desktop systems, but it matters a lot with laptops. It's bad to have your laptop stolen, but at least if they can't get the data in it, you have some peace of mind. There's also at least one other option for you. There are products that provide better disk encryption than the default one with W2K. The PGP products (full disclosure -- I worked on these) provide an encrypting virtual disk driver, which allows you to make a file on your base OS into a virtual disk that has fully encrypted access to it. Many people use such a volume to store sensitive things, and since it isn't integrated into the user authentication system, it's harder to break open. Nonetheless, you hit the nail on the head here -- if encryption is integrated into the OS authentication and that authentication is easily hacked, you don't get very much protection when all is said and done. For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Securing your Data and Information->Encryption
Web Security Tip: Encryption made simple
Dig Deeper on Windows Security: Alerts, Updates and Best Practices
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.