Is TrueCrypt reliable enough for business-critical use? [closed]

Solution 1:

I and my fellow engineers at the office all use TrueCrypt.

We each keep a local TC data store of 50GB formatted for NTFS. Everyone gives their pass-phrase to our boss, and keeps a back-up on the NAS at the office.

Procedurally, not having an escrow-recovery is the biggest reason NOT to use TC. I.e. if someone changes their pass-phrase, gets angry and quits, we have NO way of accessing their data. So, from a business-critical perspective, that's probably the biggest risk.

Performance-wise, TC will keep-pace because of how it integrates with the host OS, but I wouldn't use it to encrypt an enterprise data-store or anything.

We really like the fact that TC supports multiple platforms -- because not all our engineers use the same OS. Some run Linux, some run Windows, and regardless TC works. It also doesn't care if you switch platforms! That's nice.

Solution 2:

TrueCrypt is as reliable as a plain partition is: If it suffers an unrecoverable error, doesn't matter what type of volume is, you lost data anyway.

The good thing about TrueCrypt is that you won't lose the entire thing (the following was taken from it's FAQ):

What will happen when a part of a TrueCrypt volume becomes corrupted?

In encrypted data, one corrupted bit usually corrupts the whole ciphertext block in which it occurred. The ciphertext block size used by TrueCrypt is 16 bytes (i.e., 128 bits). The mode of operation used by TrueCrypt ensures that if data corruption occurs within a block, the remaining blocks are not affected. See also the question 'What do I do when the encrypted filesystem on my TrueCrypt volume is corrupted'?


What do I do when the encrypted filesystem on my TrueCrypt volume is corrupted?

File system within a TrueCrypt volume may become corrupted in the same way as any normal unencrypted file system. When that happens, you can use filesystem repair tools supplied with your operating system to fix it. In Windows, it is the 'chkdsk' tool. TrueCrypt provides an easy way to use this tool on a TrueCrypt volume: Right-click the mounted volume in the main TrueCrypt window (in the drive list) and from the context menu select 'Repair Filesystem'.