Re: Security procedure question

["MandommGmail" <mandomm () gmail com>]

 I'm concerned about a user leaving the id and password on paper in or near 
the laptop.

There is no way one can defend against a user who decides to stick a sticky 
pad on his laptop and leaves his password there. The best encryption tool 
does not defend against human stupidity.

Alex
----- Original Message ----- 
From: "Saqib Ali" <docbook.xml () gmail com>
To: "Brown, Sam" <sbrown () ashe ucla edu>; <mario () netway com cy>; 
<lists () hwf cc>
Cc: <security-basics () securityfocus com>
Sent: Friday, September 22, 2006 1:26 AM
Subject: Re: Security procedure question


> If you don't mind, can I ask what product you selected? There are some
> full/whole disc encryption implementations that support TPM. See the
> URL for description:
> http://en.wikipedia.org/wiki/FDE#Full_disk_encryption_and_Trusted_Platform_Module
>
> If your laptops are TPM enabled the full disc encryption software can
> wrap the decryption key with TPM, so the user won't have to remember
> or note down an extra username/password.
>
> On 9/20/06, Brown, Sam <sbrown () ashe ucla edu> wrote:
> > We're going to be deploying whole disk encryption to our laptops so I am
> > interested in hearing how others have distributed the software
> > encryption ID's and passwords to users.  I'm concerned about a user
> > leaving the id and password on paper in or near the laptop.
> >
> > Sam Brown
> >
> >
> > ---------------------------------------------------------------------------
> > This list is sponsored by: Norwich University
> >
> > EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> > The NSA has designated Norwich University a center of Academic Excellence
> > in Information Security. Our program offers unparalleled Infosec 
> > management
> > education and the case study affords you unmatched consulting experience.
> > Using interactive e-Learning technology, you can earn this esteemed 
> > degree,
> > without disrupting your career or home life.
> >
> > http://www.msia.norwich.edu/secfocus
> > ---------------------------------------------------------------------------
>
>
> --
> Saqib Ali, CISSP, ISSAP
> Support http://www.capital-punishment.net
> -----------
> "I fear, if I rebel against my Lord, the retribution of an Awful Day
> (The Day of Resurrection)" Al-Quran 6:15
> -----------
>
> ---------------------------------------------------------------------------
> This list is sponsored by: Norwich University
>
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> The NSA has designated Norwich University a center of Academic Excellence 
> in Information Security. Our program offers unparalleled Infosec 
> management education and the case study affords you unmatched consulting 
> experience. Using interactive e-Learning technology, you can earn this 
> esteemed degree, without disrupting your career or home life.
>
> http://www.msia.norwich.edu/secfocus
> ---------------------------------------------------------------------------


---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------