I am looking for some ideas on what to consider when defining a laptop
security strategy. I am looking the security from both the process and
technology point of view. Currently we are concerned with only "Data @
Rest".
So far I have:
- Awareness
- Training
- Encryption (Encrypted Vaults, File/Folder encryption, full disk encryption)
- Data Recovery in case of the loss of the encryption key / Secure Backup
- Device recovery in case of theft or lost
- Data classificiation
- Centralized management
- Encryption key recovery
- Spyware control
- US Crypto Export laws
Any ideas? I would especially like to hear from people who have
defined strategy for multi-national companies, and the US export laws.
I am looking for some ideas on what to consider when defining a laptop
security strategy. I am looking the security from both the process and
technology point of view. Currently we are concerned with only "Data @
Rest".
So far I have:
- Awareness
- Training
- Encryption (Encrypted Vaults, File/Folder encryption, full disk encryption)
- Data Recovery in case of the loss of the encryption key / Secure Backup
- Device recovery in case of theft or lost
- Data classificiation
- Centralized management
- Encryption key recovery
- Spyware control
- US Crypto Export laws
Any ideas? I would especially like to hear from people who have
defined strategy for multi-national companies, and the US export laws.
--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net
[ reply ]