Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Product request - Enterprise whole disk encryption for laptops

From: Roger Safian <r-safian () NORTHWESTERN EDU>
Date: Mon, 17 Jul 2006 08:18:53 -0500
At 01:44 PM 7/15/2006, Charlie Prothero put fingers to keyboard and wrote:

Roger's comment on risk management brings to mind the question of whether or not 
someone should even be allowed to put sensitive data on a laptop, though this is 
a bit off-topic vis-à-vis this discussion.  Citrix, MS Terminal Services, VNC 


Personally I think the risk of sensitive data on a laptop, is only slightly
larger that the same data on the network.  They both potentially have the same
risk of data lose through a network breach.  The laptop is easier to steal.
In most cases the business needs outweigh that risk, especially if the data is
encrypted.

The issue I see is does *any* machine need access to sensitive data?  Speaking
just from my experience I'd say that there are plenty of machines with sensitive
data that are both not secure AND do not need the data on them in the first place.


-- 
Roger A. Safian 
r-safian () northwestern edu (email) public key available on many key servers.
(847) 491-4058   (voice)
(847) 467-6500   (Fax) "You're never too old to have a great childhood!"
Previous By Date Next
Previous By Thread Next

Current thread: