Educause Security Discussion mailing list archives

Re: Laptop encryption

From: Dennis Tracz <dntracz () UCALGARY CA>
Date: Tue, 9 Oct 2007 08:27:39 -0600

please count me in

Sarah Stevens wrote:

I will be setting up a conference call for Wednesday at 11:00AM ET.
Is that too soon, or can everyone make it at that time?  Let me know
what you think, as I can schedule at a later date, if necessary.  Once
I receive responses on interest level, I will send out an invite with
the dial in number.

I am looking forward to this conversation, it will be interesting to
share the information obtained.

Thanks,

Sarah Stevens
Stevens Technologies

------------------------------------------------------------------------
*From:* Sadler, Connie [mailto:Connie_Sadler () BROWN EDU]
*Sent:* Mon 10/8/2007 6:42 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* Re: [SECURITY] Laptop encryption

I am interested as well.

Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC
IT Security Officer, Brown University
Campus Box 1885, Providence, RI 02912
Connie_Sadler () Brown edu,  Office: 401-863-7266

-----Original Message-----
From: Ewing, Ashley [mailto:aewing () UA EDU]
Sent: Monday, October 08, 2007 9:11 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Laptop encryption

I would like to participate.

J. Ashley Ewing, CISSP, CISA
Director of Security and Compliance/CISO
Office of Information Technology (OIT)
The University of Alabama
A105 Gordon Palmer Hall (Box 870346)
Tuscaloosa, AL 35487-0346
Office: 205-348-6524
Cell:     205-535-0335

-----Original Message-----
From: Sarah Stevens [mailto:sarah () STEVENS-TECHNOLOGIES COM]
Sent: Friday, October 05, 2007 7:06 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Laptop encryption

If there is interest, I would be willing to set up the telecon
bridge.  We have an inside bridge.  No fee for anyone who wants to
take part.

Sarah Stevens
Stevens Technologies
--------------------------
Sent from my BlackBerry Wireless Handheld

----- Original Message -----
From: Paul Keser <pkeser () STANFORD EDU>
To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>
Sent: Fri Oct 05 17:00:40 2007
Subject: Re: [SECURITY] Laptop encryption

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

There seems to be a lot of interest on the list.  Do you guys want to
setup a conf call?  I haven't done that before but I can look into it if
you are interested.

I am in PST.

- -PaulK

Paul Keser
Assoc. Information Security Officer
Stanford University
650.724.9051
GPG Fingerprint:  DBA3 E20F CE91 28AA DA1C  4A77 3BD9 C82D 2699 24FB


Harold Winshel wrote:
> Dennis,
>
> Will do.  What days and times are good for you?  What time zone are you?
>
> Harold
>
> At 05:33 PM 10/5/2007, you wrote:
>> Hi Harold,
>>
>> I would love to learn more about the research you are & have done. If
>> possible can I give you a call next week?
>>
>> thanks
>>
>> Dennis.
>>
>> Harold Winshel wrote:
>>> I work for a decentralized academic unit but we've been looking at a
>>> number of enryption utilities the past year.  Some we've been using
>>> on a light scale - other's we're still evaluating.
>>>
>>> I'd put them into two classes - full disk and file / folder.
>>>
>>> I'd also categorize them in another way: free, inexpensive (under $60
>>> / license) or expensive (above $60 / license).  Of course, with
>>> volume purchases there can be big discounts available.
>>>
>>> One program that we liked a lot was a free program called Truecrypt.
>>> Besides being free, it is pretty easy to use and can be used on
>>> different media (hard drives, CD's, etc.).  It's not full disk, which
>>> can be a concern but, for a quick way of encrypting something, it
works.
>>>
>>> We've looked at some higher end products - both file / folder and
>>> full disk, and are leaning toward the full disk.  I'd be glad to give
>>> you more details if you're interested because we've spent a lot of
>>> time doing research on different products.
>>>
>>> Harold
>>>
>>>
>>> At 04:53 PM 10/4/2007, Dennis Tracz wrote:
>>>> Hello all,
>>>> I am new to this list so please forgive me if this topic has already
>>>> been covered.
>>>> I am interested in knowing, what is the common practice for Laptop
>>>> encryption, specifically:
>>>> 1.  What is your current practice:
>>>>    a.  Do you use encryption on laptops (for laptops you administer)
>>>>    b.  Do you encrypt the entire hard drive or selected folders
>>>> i.e.( My Documents)
>>>>    c.  Do you use a commercial product or EFS
>>>>    e.  If encryption is used is it automatically configured (for
>>>> laptops you administer) or do users have a choice
>>>>
>>>> 2.  What is your desired practice if you do not use encryption on
>>>> laptops
>>>> a.  Is this something you are wanting, attempting or not wishing
to do?
>>>> b.  Would you encrypt the entire hard drive or selected folders
>>>> i.e.( My Documents)
>>>> c.  Would you use a commercial product or EFS?
>>>> d.  Would you automatically encrypt (for laptops you administer) or
>>>> would you let your users have a choice?
>>>>
>>>> Any insight is greatly appreciated.  Thanks in advance
>>>>
>>>> --
>>>> Dennis N. Tracz CISSP-ISSMP, CISM
>>>> Information Security Officer
>>>> University of Calgary
>>>> (403) 220-4010
>>>>
>>>>
>>>
>>> Harold Winshel
>>> Computing and Instructional Technologies
>>> Faculty of Arts & Sciences
>>> Rutgers University, Camden Campus
>>> 311 N. 5th Street, Room B10 Armitage Hall
>>> Camden NJ 08102
>>> (856) 225-6669 (O)
>>
>> --
>> Dennis N. Tracz CISSP-ISSMP, CISM
>> Information Security Officer
>> University of Calgary
>> (403) 220-4010
>>
>>
>>
>
> Harold Winshel
> Computing and Instructional Technologies
> Faculty of Arts & Sciences
> Rutgers University, Camden Campus
> 311 N. 5th Street, Room B10 Armitage Hall
> Camden NJ 08102
> (856) 225-6669 (O)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
<http://enigmail.mozdev.org/>

iD8DBQFHBtAoO9nILSaZJPsRAjMaAJ9jKQ1UvjtcW3UeZwShT3gE7hXDZgCfR8n8
u1PelSm0uHGZFma0+7MYt14=
=hBTt
-----END PGP SIGNATURE-----


--
Dennis N. Tracz CISSP-ISSMP, CISM
Information Security Officer
University of Calgary
(403) 220-4010

Attachment: dntracz.vcf
Description:

Current thread:

Re: Laptop encryption, (continued)
- Re: Laptop encryption Greg Vickers (Oct 08)
- Re: Laptop encryption Sarah Stevens (Oct 08)
- Re: Laptop encryption Todd Clementz (Oct 09)
- Re: Laptop encryption Hoffman, Michael (Oct 09)
- Re: Laptop encryption Gary Dobbins (Oct 09)
- Re: Laptop encryption Chris Vakhordjian (Oct 09)
- Re: Laptop encryption Scott Koger (Oct 09)
- Re: Laptop encryption Anthony Maszeroski (Oct 09)
- Re: Laptop encryption Alex Everett (Oct 09)
- Re: Laptop encryption Linda Pruss (Oct 09)
- Re: Laptop encryption Dennis Tracz (Oct 09)
- Re: Laptop encryption Brian Goodman (Oct 09)
- Re: Laptop encryption Progar, Joe J (Oct 09)
- Re: Laptop encryption Christopher Penido (Oct 09)
- Re: Laptop encryption Cavender, Terry (Oct 09)
- Re: Laptop encryption Taylor, James R (Oct 09)
- Re: Laptop encryption Pat Ainsworth (Oct 09)
- Re: Laptop encryption Alex Everett (Oct 09)