Security Basics mailing list archives
RE: Full Disk Laptop Encryption
From: "Bob Beringer" <bob.beringer () usa net>
Date: Thu, 27 Sep 2007 15:09:31 -0400
Rob, Thanks for the email, a couple of the issues with PointSec right the last time that I checked is that they didn't offer digital signature support, MAC agents, and don't support encryption for Data-in-Motion. There were other deficiencies that came up during our bake-off, but these are a few to get you started... Don't get me wrong PointSec has a pretty decent offering and a lot of folks like them, but I try to talk about things on list from a technical perspective first. An older public bake-off document was released via the link below and it might provide value to the group. http://www.networkcomputing.com/showArticle.jhtml?articleID=193500189 My team developed a really cool integrated solution with several of the whole-disk encryption solutions for multi-factor authentication and remote access for some of our government clients and really had to dig into the weeds to find out which solutions played better with others, so my thoughts below are tied closely to what works well in an enterprise, what the goals of the organization might be and what type of integration that each environment needs. Two last notes, PGP now has a universal server and they have a MAC client with enterprise key management for the MAC's. Lastly, TECSEC has a very flexible and powerful solution for encrypting objects and other data in motion as well protecting as Data at Rest. (mind you in this case that flexible also might mean more initial set up time and effort...) I hope that this information helps :-) v/r Bob +12404756858 -----Original Message----- From: Rob Thompson [mailto:my.security.lists () gmail com] Sent: Thursday, September 27, 2007 1:50 PM To: Bob Beringer Cc: Lafosse, Ricardo; security-basics () securityfocus com Subject: Re: Full Disk Laptop Encryption On 9/27/07, Bob Beringer <bob () eor us> wrote:
Ricardo, Pointsec has some limitations, other solutions that are worth looking into are:
Which would be? I'm not trying to be confrontational, I am simply curious. I have personally used WinMagic, PointSec and PGP. I am not familiar with the TecSec, though I am curious as to what limitations you would be referring to in regards to PointSec. IMO I would use either PointSec or SecureDoc, by WinMagic. I would stay away from PGP's product like the plague. They are both extremely thorough. Pointsec with it's current release is much faster, and has quite a few handy features, like disabling removeable media until authentication, etc... I haven't used SecureDoc since it's been Linux compliant, so I can't speak on it's newer revisions... <snip> -- Rob
Current thread:
- RE: Full Disk Laptop Encryption, (continued)
- RE: Full Disk Laptop Encryption Lenny Hansson (Sep 27)
- RE: Full Disk Laptop Encryption TVB NOC (Sep 27)
- RE: Full Disk Laptop Encryption Lafosse, Ricardo (Sep 27)
- RE: Full Disk Laptop Encryption Bob Beringer (Sep 27)
- Re: Full Disk Laptop Encryption Rob Thompson (Sep 27)
- Re: Full Disk Laptop Encryption gjgowey (Sep 27)
- Re: Full Disk Laptop Encryption Rob Thompson (Sep 27)
- RE: Full Disk Laptop Encryption Bob Beringer (Sep 27)
- Re: Full Disk Laptop Encryption gjgowey (Sep 27)
- Re: Full Disk Laptop Encryption Rob Thompson (Sep 27)
- Re: Full Disk Laptop Encryption Rob Thompson (Sep 27)
- RE: Full Disk Laptop Encryption Bob Beringer (Sep 27)
- Message not available
- Re: Full Disk Laptop Encryption Rob Thompson (Sep 27)
- RE: Full Disk Laptop Encryption Bob Beringer (Sep 27)
- Message not available
- Re: Full Disk Laptop Encryption Rob Thompson (Sep 27)
- RE: Full Disk Laptop Encryption Bob Beringer (Sep 28)
- Re: Full Disk Laptop Encryption gjgowey (Sep 28)
- Full Disk Encryption, Digital Signatures and enterprise Data Analysis and Transactional Auditing (eDATA) Bob Beringer (Sep 28)
- Re: Full Disk Encryption, Digital Signatures and enterprise Data Analysis and Transactional Auditing (eDATA) gjgowey (Sep 28)
- RE: Full Disk Encryption, Digital Signatures and enterprise Data Analysis and Transactional Auditing (eDATA) Bob Beringer (Sep 28)
- Re: Full Disk Encryption, Digital Signatures and enterprise Data Analysis and Transactional Auditing (eDATA) gjgowey (Sep 28)
- RE: Full Disk Encryption, Digital Signatures and enterprise Data Analysis and Transactional Auditing (eDATA) Bob Beringer (Sep 28)