3c19f00a7f
This patch adds the right tags to each piece of metadata and corrects small errors found in the deployer notes. Closes-bug: 1595669 Change-Id: Ic04aaad85ebf111be5a0bdb01a350442fdea1433
586 B
586 B
---id: V-38661 status: exception - initial provisioning tag: misc ---
Creating encrypted storage is left up to the deployer to consider and implement. Although encrypting data at rest on storage volumes does reduce the chances of data theft if the server is physically compromised, it doesn't provide protection from a user who is logged in while the server is running.
Linux systems provide various options for storage encryption. The Linux Unified Key Setup is a good implementation to review.