Don't roll your own crypto. Just don't. You can never be sure it's secure, and the first you will hear of it being broken is when Anonymous posts your company secrets on Pastebin.
Use the tools that already exist (e.g. dm-crypt/LUKS for Linux systems, or BitLocker for Windows systems). They are well understood, and any reasonable security auditor will know what they are and that they work.
If the security auditor insists on this less-than-ideal setup, fire them for incompetence.