Security Basics mailing list archives
RE: dual password for file/folder encryption
From: "Mason, Samuel" <SMason () mt gov>
Date: Wed, 17 Dec 2008 15:24:16 -0700
Sorry for the slightly off-topic post but with chmod1777's email addy like that I had to send to the list to ask: If you have a pure Windows environment have you tried the SSO option with Data Armor? It works and will log them straight through from DA into Windows. Our issue is that Windows isn't our only environment and it won't chain password changes thru more than one environment so my users get to complain about multiple logins but at least they don't have to remember an extra password. Samuel Mason, CISSP -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of chmod1777 () invalid-host name Sent: Tuesday, December 16, 2008 10:17 AM To: security-basics () securityfocus com Subject: Re: dual password for file/folder encryption I would be reluctant to trust users to store their data in a certain folder only. We looked into encryption because we're a financial institution, mainly for laptops, and looked at many options. We decided to go with whole disk encryption simply because we simply couldn't trust human nature (users doing the right thing). The product that we chose was Mobile Armor. http://www.mobilearmor.com/ It is a client/server authentication model, and will allow a user to log in if off the network based off of their cached password. It syncs with AD, etc. It's basically a linux pre-boot environment, and allows us a back way in if we need to. It can be updated remotely, and is absolutely effortless to administer. The users complain about another login, but hey... it keeps us out of the news ;) Now we don't have to worry about if the end user did the right thing. If a laptop gets lost or stolen, it's basically junk. Kurt
Current thread:
- Re: dual password for file/folder encryption, (continued)
- Re: dual password for file/folder encryption ArcSighter Elite (Dec 16)
- Re: dual password for file/folder encryption Ali, Saqib (Dec 16)
- Re: dual password for file/folder encryption Alexander Bondarenko (Dec 16)
- Re: dual password for file/folder encryption Michael Lorenzen (Dec 16)
- dual password for file/folder encryption kalgecin kalgecin (Dec 16)
- Re: dual password for file/folder encryption Rob Thompson (Dec 16)
- RE: dual password for file/folder encryption Pete.LeMay (Dec 16)
- Re: dual password for file/folder encryption Kevin Tunison (Dec 16)
- RE: dual password for file/folder encryption Prodigi Child (Dec 16)
- Re: dual password for file/folder encryption chmod1777 (Dec 16)
- RE: dual password for file/folder encryption Mason, Samuel (Dec 17)
- Re: dual password for file/folder encryption Andre Pawlowski (Dec 23)
- RE: dual password for file/folder encryption Mason, Samuel (Dec 17)