|
Focus on Microsoft
Workstation Shutdown / Logoff Policy Aug 16 2006 02:23PM kfoutts orenickcompanies com (4 replies) RE: Workstation Shutdown / Logoff Policy Aug 16 2006 04:42PM Thaddeus McNamara (tk coast-radio com) (1 replies) RE: Workstation Shutdown / Logoff Policy :VSMail mx1 Aug 16 2006 07:18PM Jamie Fullerton (Jamie Fullerton ndbt com) (2 replies) Re: Workstation Shutdown / Logoff Policy :VSMail mx1 Aug 17 2006 03:55PM Thor (Hammer of God) (thor hammerofgod com) (5 replies) Re: Workstation Shutdown / Logoff Policy :VSMail mx1 Aug 18 2006 05:24AM Greg Mulholland (gmulholland aanet com au) RE: Workstation Shutdown / Logoff Policy :VSMail mx1 Aug 18 2006 03:26AM BARRETT,WILL (BARRETW airproducts com) RE: Workstation Shutdown / Logoff Policy :VSMail mx1 Aug 17 2006 07:46PM Maloney, Michael (MMaloney middlesexcc edu) RE: Workstation Shutdown / Logoff Policy :VSMail mx1 Aug 17 2006 06:19PM Mike McMahon (Mike McMahon us wdsglobal com) RE: Workstation Shutdown / Logoff Policy Aug 17 2006 06:16PM William J Bova (wbova austin utexas edu) RE: Workstation Shutdown / Logoff Policy :VSMail mx1 Aug 17 2006 02:55PM Thompson, Scott (scott thompson orion-sys com) (1 replies) RE: Workstation Shutdown / Logoff Policy :VSMail mx1 Aug 17 2006 07:13PM Kirk Foutts (kfoutts orenickcompanies com) (3 replies) Re: Workstation Shutdown / Logoff Policy :VSMail mx1 Aug 22 2006 05:17PM Allan Seyberth (nullconnect gmail com) RE: Workstation Shutdown / Logoff Policy :VSMail mx1 Aug 22 2006 01:12PM Peter Eden (peter eden utoronto ca) Re: Workstation Shutdown / Logoff Policy :VSMail mx1 Aug 22 2006 05:43AM Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa pacbell net) (1 replies) Whole disk encryption Aug 24 2006 04:47PM Sarah (sfelske bgsu edu) (5 replies) Re: Whole disk encryption Aug 25 2006 02:35AM Dietrich Heusel (dietrich heusel de) (2 replies) Re: Whole disk encryption Aug 25 2006 06:00PM Saqib Ali (docbook xml gmail com) (1 replies) RE: Whole disk encryption Aug 24 2006 06:06PM Erik Anderson (eanders pobox com) (3 replies) RE: Whole disk encryption Aug 25 2006 03:24PM Brad Judy (Brad Judy colorado edu) (1 replies) Re: Workstation Shutdown / Logoff Policy Aug 16 2006 03:04PM Sebastian {En3pY} Zdrojewski (en3py itvc net) RE: Workstation Shutdown / Logoff Policy Aug 16 2006 02:51PM Finehout, David (Contractor) (dfinehout nrlssc navy mil) (1 replies) RE: Workstation Shutdown / Logoff Policy Aug 16 2006 09:32PM McLennan, James GS12 USA USAIMA (james mclennan us army mil) |
|
|
Privacy Statement |
any production issues. We are a smaller office, but we've also done
large deployments which have similar experiences. Law enforcement is a
huge fan of this technology. We use hardware tokens with certificates
for authentication.
Brad is right, it really is the way to go, sensitive data is stored
all over the disk in many cases. Whole disk encryption solves the
problem.
-J
On 8/28/06, chuck <chuck (at) chuckherrin (dot) com [email concealed]> wrote:
> I agree with Brad. We used Securedoc and encrypted 100 percent of our laptops, and it went off without a hitch. Another division used Safeboot and had similar results.
>
> We found it to be less troublesome and less risky to encrypt the whole drive, and we can say with 100% certainty that if a laptop is lost, the data was encrypted. That's a nice feeling, and avoids a lot of uncomfortable post-mortem questions from Sr management and Legal if one is lost.
>
> Also, the data is not the only target - on pen tests I have stolen, trojaned, and returned a laptop, then harvested passwords and other info from it.
>
> My 2 cents - Do the whole disk.
>
>
> BlackBerry service provided by Nextel
>
> -----Original Message-----
> From: "Brad Judy" <Brad.Judy (at) colorado (dot) edu [email concealed]>
> Date: Fri, 25 Aug 2006 09:24:30
> To:<focus-ms (at) securityfocus (dot) com [email concealed]>
> Subject: RE: Whole disk encryption
>
>
> > Why? You only need to protect the data not the whole OS. It
> > causes too many problems. I don't recommend creating a
> > headache for yourself when you only need to protect some data.
>
> Yes, you only need to protect data, but can you guarantee that data is
> only being written to the encrypted part of the disk? If the user can
> readily write to a non-encrypted space, then you've lost much of the
> benefit of the encryption because if a laptop is lost/stolen you can
> only say "I'm pretty sure the data was encrypted". Check with your
> legal department and see how they feel about "pretty sure". :-)
>
> Brad Judy
>
> ITS - UCB
>
> ------------------------------------------------------------------------
---
> ------------------------------------------------------------------------
---
>
>
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]