A common theme that you may be noticing in this book revolves around the concept of confidentiality. In a computer security context, confidentiality is the notion that sensitive data is accessible by only those users who have been approved or authorized for access to that data. For many organizations, and indeed for many malfeasants, data confidentiality is the most significant aspect of security. Certainly sabotage is a significant threat to many organizations, and often a source of incentive for many hackers, but more often than not the end-goal is to gain access to information. Whether it’s personal information that facilitates identity theft, or highly valuable corporate secrets, information is highly valuable, both to you and those that would do you harm. In many corporate environments, the policy to encrypt data may be simply due to legal necessity, as there is liability involved with leaking certain data, such as personally identifiable information and payment records. Recent research indicates that loss of corporate secrets can result in an even more dangerous financial windfall for a company. Thus, protecting that data should always serve as job number one for end user’s and system administrators alike.