Educause Security Discussion mailing list archives
Re: Encrypted Thumbdrives
From: Gary Flynn <flynngn () JMU EDU>
Date: Mon, 21 Apr 2008 09:55:00 -0400
Bombard, Charles L wrote:
Have you looked at a particular product? Have one you really like?I am wondering what other people have found in looking at USB thumbdrives that have built in encryption and/or have utilized software based encryption such as truecrypt that can be included on the drives un-encrypted area.
We're just starting to look at this area. Given the wide range of hardware and the constantly changing technology, TrueCrypt is very attractive though operator education is a challenge. Another area of concern is untrusted hosts. There is a lot of malware out there that understands USB drives and that will spread to them if a write protect switch is not available. We saw a sample that copied the contents of a USB drive to one large file on the infected host and subsequently tried to communicate with systems in China. Encrypting the data at rest will protect against what is probably the most common threat, loss of the media, but doesn't protect the data if the device is plugged into a hostile host. There has to be a very good reason that sensitive data is placed on portable media and user education about safe usage of the portable media is at least as important as technology.
I am currently demo’ing a SafeStick Business edition thumbdrive. I will be looking at a truecrypt solution too.I thought there had been a discussion about this a while back but I could not find it in the archives.Any thoughts/suggestions are appreciated.-Charlie==========================================Charles Bombard, GSEC LAN/Systems Administrator Community College of Vermont 119 Pearl Street Burlington, VT 05401 802.657.4234 bombardc () ccv edu <mailto:bombardc () ccv edu>PRIVACY & CONFIDENTIALITY NOTICE: This message is for the designated recipient only and may contain privileged, confidential, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of an email received in error is prohibited.
-- Gary Flynn Security Engineer James Madison University www.jmu.edu/computing/security
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Encrypted Thumbdrives Bombard, Charles L (Apr 18)
- <Possible follow-ups>
- Re: Encrypted Thumbdrives Stephen Gill (Apr 18)
- Re: Encrypted Thumbdrives Bradley, Stephen W. Mr. (Apr 18)
- Re: Encrypted Thumbdrives James M . Dutcher - VP IS/IT & CIO (Apr 18)
- Re: Encrypted Thumbdrives Mike Hanson (Apr 18)
- Re: Encrypted Thumbdrives Paul Keser (Apr 18)
- Re: Encrypted Thumbdrives Michael Sana (Apr 18)
- Re: Encrypted Thumbdrives Gary Flynn (Apr 21)
- Re: Encrypted Thumbdrives Jesse Thompson (Apr 21)
- Re: Encrypted Thumbdrives Avdagic, Indir (Apr 21)
- Re: Encrypted Thumbdrives Richard Hopkins (Apr 22)
- Re: Encrypted Thumbdrives Brenda B Gombosky (Apr 22)