Is VPS Disk Encryption pointless?

It's relatively straight-forward to create an encrypted storage volume (e.g. Like so: https://www.digitalocean.com/community/tutorials/how-to-create-an-encrypted-file-system-on-a-digitalocean-block-storage-volume .) However, since the filesystem is decrypted on boot, and the server's always on, won't the data be sitting on our VPS in plain-text anyway?

Is there any value, at all, to using full-disk encryption on an always-on VPS?

--edit---

my goal is to make it financially non-viable for the host to access my data and source code. Is disk encryption beneficial in respect of this?


Solution 1:

The solution is certainly not pointless.

But the risk scenario you’re protecting against with full disk encryption is not somebody compromising your running instance, you’re adding protection against threats at a different level such as for example the theft of the physical disks that are used for storing the data in your VM. (And other threat scenarios.)


In response to the OP's edit:

If you have no reason to trust your cloud provider you shouldn't be using them. Because whoever is in control of the hardware can generally defeat any protections you can mount from within a VPS.
Adding protection such full disk encryption does already ensure that it won't be trivial to get to all your data though. Your data confidentiality will be protected from the many of the most trivial "attacks", operator errors and misconfigurations.

But technology can't provide absolute protection there.

That means that you need to trust the provider.

In business you don't trusts blindly though. You do your own due diligence selecting a trustworthy provider and then you get your legal team to set up agreements and contracts, with penalties and other ways to enforce compliance.