Enterprise whole disk encryption

["Jimmy L. Fikes" <fikesj () WBU EDU>]

This is a fascinating and relevant thread.

I work in a faith-based school. I tell our users to use Bible verses for
passwords - and then to take the additional step to memorize the verse -
and not be accused of just using the Bible as a utility. For instance,
John 3:16 can morph into j0hn3_16 and a variety of other combinations,
without ever changing the base phrase. Around here, it works like a
charm.

On the question of disk encryption, I've used PGP and a couple of
others, and have been disturbed at how much latency they build into
normal work. Have you experienced latency in processing, or is just my
imagination?

One last question. What about requiring that all work on mobile machines
be done in VMware? I do this, and hide all shortcuts to the VMware
application. The thief would have to spend a lot of time to find the
executable, and then probably would not know what it means. I use a
different password for the VMware and machine access - so this adds a
little defense in depth. Once files are saved in VMware, they are not
discoverable through a regular desktop search for files. Is this
security by obscurity, or would using the virtual work environment as
the production environment on mobile machines add the security needed,
without having to resort to encryption?

 
Jimmy Fikes
Chief Information Officer
Wayland Baptist University
1900 W. 7th Street, CMB 229
Plainview, TX 79072-6900
(806) 291-3540 (Office) (CST)
(806) 291-1974 (Fax)