Educause Security Discussion mailing list archives

Re: A "default stance" question for my esteemed Educause colleagues....

From: "Davis, Chris" <CDavis () LOURDES EDU>
Date: Wed, 11 Apr 2018 16:42:20 +0000

My opinion…use BitLocker server and encrypt everything and use your MDM to enforce and escrow your encryption keys for 
your Mac fleet.

Chris

Christopher Davis, Ph.D.
Chief Information Officer
Lourdes University
6832 Convent Blvd | REH 003P | Sylvania, OH 43560
cdavis () lourdes edu<mailto:cdavis () lourdes edu>

CyberAware – Be aware. Stay Secure.
Lourdes University will never ask you to send sensitive information through unsecure channels. Report any message that 
asks you to provide or confirm personal information such as credit card and/or bank account numbers, Social Security 
numbers, passwords, etc. or any other suspicious activity to infosec () lourdes edu<mailto:infosec () lourdes edu>. For 
more information please visit lourdes.edu/cyberaware<http://lourdes.edu/cyberaware>.

CONFIDENTIALITY NOTICE: The contents of this email message and any attachments are intended solely for the addressee(s) 
and may contain confidential and/or privileged information and may be legally protected from disclosure. If you are not 
the intended recipient of this message or their agent, or if this message has been addressed to you in error, please 
immediately alert the sender by reply email and then delete this message and any attachments. If you are not the 
intended recipient, you are hereby notified that any use, dissemination, copying, or storage of this message or its 
attachments is strictly prohibited.


From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Michael Schalip 
<MSchalip () SALUD UNM EDU>
Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Wednesday, April 11, 2018 at 12:37 PM
To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] A "default stance" question for my esteemed Educause colleagues....

Hi Folks,

Looking for some wisdom from the masses….

We currently use full disk encryption on (in theory) all laptops.  However – there is a proposal on the table to 
establish a requirement to encrypt the hard drives on all *desktop* computers as well.  I’ve been down this path before 
(in a couple of previous work environments), so I’m keenly aware of the pros/cons of adopting this kind of default 
stance.  However – we’re wondering what the rest of the academic world is doing….

In short – operating under the assumption that encrypting most (if not all) laptops is a good idea – what do the rest 
of you do when it comes to encrypting your desktop computers?  Do you:

  *   Encrypt any of them?
  *   Encrypt ALL of them?
  *   Encrypt only faculty/staff computers?
  *   Encrypt only certain ones?.....which ones?  What’s the criteria?
  *   Make encryption an option left up to the department or user?

Looking forward to the collective responses….

Thanks,

Michael

Current thread:

A "default stance" question for my esteemed Educause colleagues.... Michael Schalip (Apr 11)
- Re: A "default stance" question for my esteemed Educause colleagues.... Davis, Chris (Apr 11)
- Re: A "default stance" question for my esteemed Educause colleagues.... David D Grisham (Apr 11)
- Re: A "default stance" question for my esteemed Educause colleagues.... Minh Nguyen (Apr 11)
- Re: A "default stance" question for my esteemed Educause colleagues.... Gregg, Christopher S. (Apr 11)
- <Possible follow-ups>
- Re: A "default stance" question for my esteemed Educause colleagues.... Joel Garmon (Apr 12)