Re: Data on sensitive computers

[Dave Koontz <dkoontz () MBC EDU>]

While Windows EFS may be "less vulnerable" than un-encrypted files, I would
personally opt for stronger products like PGPDisk, SecurStar's DriveCrypt /
DriveCrypt Plus Pak, StrongDisk, BestCrypt, etc.

If my understanding is correct, EFS is a very weak encryption process and
can be easily defeated by various commerical or free products.

For example, consider the ElcomSoft "Advanced EFS Data Recovery" product.
http://www.elcomsoft.com/aefsdr.html.  While I've not experimented with this
program or others like it, their mere existence makes me very leary of
Microsoft's encryption.

--- PRODUCT DESCRIPTION ---
Advanced EFS Data Recovery (or simply AEFSDR) is a program to recover
(decrypt) files encrypted on NTFS (EFS) partitions created in Windows 2000,
Windows XP and Windows Server 2003. Files are being decrypted even in a case
when the system is not bootable and so you cannot log on, and/or some
encryption keys have been tampered. Besides, decryption is possible even
when Windows is protected using SYSKEY. AEFSDR effectively (and instantly)
decrypts the files protected under all versions Windows Server 2003
(Standard and Enterprise), Windows XP (including Service Packs 1 and 2) and
Windows 2000 (including Service Packs 1, 2, 3 and 4).




-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Kevin Shalla
Sent: Friday, April 22, 2005 1:50 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Data on sensitive computers

Has anyone implemented the Encrypting File System under Windows laptops to
make the data less vulnerable to theft?
At 09:43 AM 4/22/2005, Samuel Liles wrote:
>  -----Original Message-----
> From: The EDUCAUSE Security Discussion Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jon E. Mitchiner
> Sent: Friday, April 22, 2005 9:36 AM
>
> This brings up interesting questions.  Are there security measures that
> your school takes to protect sensitive computers/laptops/hard drives
> (such as Accounting, Health Services, etc?)
>
> Do you force all sensitive data to be saved on a remote server in a
> secure location (perhaps utilizing Terminal Services)?  I am starting
> to wonder if this is something that we should investigate into with
> sensitive departments so if the hard drives are stolen then we'd like
> to know there's not much we should be worried about.
>
> -----End Original Message-----
>
> Since I have some of the same issues that the UC Berkley Prof was
> discussing I've been looking at
> http://www.pointsec.com/core/default.asp as a possible solution.
> Unknown at this point if it would actually work, if there is a
> performance hit, or other issues. It would be nice to get for
> evaluation. It would seem to solve the Knoppix CD in the CDROM drive issue.
Along with BIOS passwords, Grub Passwords, and encrypted file systems.
> --------------------------
> Sam Liles

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/groups/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.