Re: Laptop encryption experiences

["A. Harry Williams" <Harry () MARIST EDU>]

On 11/15/2010 11:32 AM, Alan Bowen wrote:
> At TCNJ, we've been in the alpha/pilot phase of a laptop full disk 
> encryption project for a very long time.  We are grappling with the 
> complexities and resource requirements for encrypting our entire 
> laptop inventory.  I'd like to know what types of parameters schools 
> use for a "litmus test" to determine if a given laptop needs to be 
> encrypted.  Also, data on the number of laptops that have been 
> encrypted over a time period, e.g. month or semester, would be very 
> useful.  Any extenuating circumstances or qualifiers outside of these 
> questions would be much appreciated as well.  Thanks.
>
> -Alan
> --
> Alan Bowen
> Manager of IT Security
> The College of New Jersey

Our litmus test is "Is it a laptop?".  We include netbooks in the mix.  
We made the case to senior management (it wasn't hard) that the cost of 
one loss of data clean up exceeded the cost of FDE for all laptops, not 
to mention cost to reputation.  We've even started doing FDE on some 
desktop computers that we consider potentially containing high value 
data, such as HR, payroll and health services.  We started several years 
ago, and did it as part of normal replacement.  We're at a point now 
where basically all laptops have FDE.

/ahw