Educause Security Discussion mailing list archives
Re: What is up with Encryption?
From: Zach Jansen <zjanse20 () CALVIN EDU>
Date: Fri, 14 May 2010 13:06:01 -0400
After having had a ridiculous time implementing Sophos, we're rolling out bitlocker on Windows 7. Offhand it looks to be much more friendly for the user, and still offers the majority of the protective measures we require. Key storage and recovery in AD works, and the price is right. Randy Marchany did an excellent job outlining some of the risks that are not mitigated by FDE in the mobile data thread a few days back, so I won't repeat that here. As we are in the process of rolling out Bitlocker, I don't have any horror stories. On the Mac side of things, File Vault is available. Performance is an issue particularly at logout, as well as admin assistance. I'm not aware of any centralized key management, so you're accepting the risk that you may not be able to access data. I liked the Checkpoint solution when I reviewed it, however, if you have multi user laptops, it's management of those machines is cumbersome. As in, you'll be adding and removing users manually via the console. Zach -- Zach Jansen Information Security Officer Calvin College Phone: 616.526.6776 Fax: 616.526.8550
On 5/13/2010 at 2:46 PM, in message
<70CE0087A36C57449F2E6B46B7006163F7FD92 () mailfac3 hh nku edu>, Kimberly Heimbrock <heimbrockk () NKU EDU> wrote:
We were mid-stream in encryption vendor reviews when PGP, Guardian Edge and now Sophos have been bought/sold. Unsure of the commercial market, we are now considering simply using OS-based encryption - Bitlocker and Mac encryption. We are primarily concerned about key recovery with 'free' products, as well as ease of deployment, administration, and support- particularly off-hours. Has anyone successfully implemented Bitlocker with AD key storage and recovery, and what success/horror stories do you have. Any other suggestions on current products such as Checkpoint, or others? Thanks in advance for the help. Kim Heimbrock Director, IT Policy and Compliance Northern Kentucky University (859) 572-5139 heimbrockk () nku edu
Current thread:
- What is up with Encryption? Kimberly Heimbrock (May 13)
- <Possible follow-ups>
- Re: What is up with Encryption? Dennis Meharchand (May 13)
- Re: What is up with Encryption? Jason Testart (May 13)
- Re: What is up with Encryption? Zach Jansen (May 14)