Educause Security Discussion mailing list archives
Vista
From: "Mclaughlin, Kevin L (mclaugkl)" <mclaugkl () UCMAIL UC EDU>
Date: Thu, 1 Feb 2007 09:34:51 -0500
Hi All: I was wondering what your approach or thoughts are surrounding: 1.) key management of Vista's built in Encryption capability - are you going to try and centralize key management via Active Directory or just let each individual hold their own keys? a. My concerns with individuals holding their own keys are: what if they get hit by a bus? What if we are asked by their Dean, the FBI or local law enforcement to do a Forensic exam on their system? 2.) Are you going to establish a policy or guidelines that talk about Faculty and Staff key encryption key management responsibilities? If so would you mind sharing such a policy with us? Thanks -Kevin Kevin L. McLaughlin CISM, CISSP, PMP, ITIL Master Certified Director, Information Security University of Cincinnati 513-556-9177 (w) 513-703-3211 (m) 513-558-ISEC (department) <mailto:mclaugkl () ucmail uc edu> CONFIDENTIALITY NOTICE: This e-mail message and its content is confidential, intended solely for the addressee, and may be legally privileged. Access to this message and its content by any individual or entity other than those identified in this message is unauthorized. If you are not the intended recipient, any disclosure, copying or distribution of this e-mail may be unlawful. Any action taken or omitted due to the content of this message is prohibited and may be unlawful.