Educause Security Discussion mailing list archives
Re: Product request - Enterprise whole disk encryption for laptops
From: "Waller, Michael A. (HSC)" <Michael-Waller () OUHSC EDU>
Date: Thu, 20 Jul 2006 12:19:14 -0500
We're working towards this. Basically, we understand that there will be some need, but we're going to make those who want to keep sensitive data on a portable device aware of the risks and make them jump through some additional hoops. This way, the user is more aware of the risk and supervisors/department heads/deans/IT have a much clearer picture of what's out in the wild. Mike Waller CISSP Information Technology, Information Security Services The University of Oklahoma Health Sciences Center -----Original Message----- From: Harold Winshel [mailto:winshel () CAMDEN RUTGERS EDU] Sent: Monday, July 17, 2006 9:51 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Product request - Enterprise whole disk encryption for laptops I agree that there are probably many more computers that have sensitive data on them than is necessary for business reasons. And that on a lot of those machines the users probably don't even realize what's on their computers. An approach that is very appealing to me is that of requiring users to make a case for their need to store sensitive data locally and to get formal permission to do so. I think this would do a few things. One, it would have an inhibiting effect on those who want to store sensitive data but don't have a strong case for it and, two, it would bring to the attention of the IT staff those who do store sensitive stuff, so that the IT staff can keep a closer watch on those users. Harold At 09:18 AM 7/17/2006, Roger Safian wrote:
At 01:44 PM 7/15/2006, Charlie Prothero put fingers to keyboard and wrote:Roger's comment on risk management brings tomind the question of whether or notsomeone should even be allowed to putsensitive data on a laptop, though this isa bit off-topic vis-à-vis thisdiscussion. Citrix, MS Terminal Services, VNC Personally I think the risk of sensitive data on a laptop, is only slightly larger that the same data on the network. They both potentially have the same risk of data lose through a network breach. The laptop is easier to steal. In most cases the business needs outweigh that risk, especially if the data is encrypted. The issue I see is does *any* machine need access to sensitive data? Speaking just from my experience I'd say that there are plenty of machines with sensitive data that are both not secure AND do not need the data on them in the first place. -- Roger A. Safian r-safian () northwestern edu (email) public key available on many key servers. (847) 491-4058 (voice) (847) 467-6500 (Fax) "You're never too old to have a great childhood!"
Harold Winshel Computing and Instructional Technologies Faculty of Arts & Sciences Rutgers University, Camden Campus 311 N. 5th Street, Room B36 Armitage Hall Camden NJ 08102 (856) 225-6669 (O)
Current thread:
- Re: Product request - Enterprise whole disk encryption for laptops, (continued)
- Re: Product request - Enterprise whole disk encryption for laptops Roger Safian (Jul 17)
- Re: Product request - Enterprise whole disk encryption for laptops Valdis Kletnieks (Jul 17)
- Re: Product request - Enterprise whole disk encryption for laptops Mark Newman (Jul 17)
- Re: Product request - Enterprise whole disk encryption for laptops Valdis Kletnieks (Jul 17)
- Re: Product request - Enterprise whole disk encryption for laptops Mark Newman (Jul 17)
- Re: Product request - Enterprise whole disk encryption for laptops Harold Winshel (Jul 17)
- Re: Product request - Enterprise whole disk encryption for laptops Harold Winshel (Jul 17)
- Re: Product request - Enterprise whole disk encryption for laptops Valdis Kletnieks (Jul 17)
- Re: Product request - Enterprise whole disk encryption for laptops Charlie Prothero (Jul 18)
- Re: Product request - Enterprise whole disk encryption for laptops Russell Fulton (Jul 19)
- Re: Product request - Enterprise whole disk encryption for laptops Waller, Michael A. (HSC) (Jul 20)
- Re: Product request - Enterprise whole disk encryption for laptops Harold Winshel (Jul 20)