Security Basics mailing list archives

Re: Laptop Encryption & Hibernation


From: "Kevin Snively" <kevinsnively () comcast net>
Date: Wed, 22 Sep 2004 21:43:24 -0500

[Hope you don't mind me sharing this back with the group.]

The solution I gave you comes from a corporate environment.  (Always
remember the KISS * principle - not my quote - feel free to use as needed).
One password was used for all laptop users. True, not foolproof, but it
does get the job done and adds a level of security. This is a JIC (Just In
Case) someone loses their laptop/notebook in someplace such as an airport
terminal. Company secrets are not compromised. Now combine the BIOS password
with the added security of NTFS and at minimum a decent password schema and
presto you have utilized C2 level security in proper measure.


On the other note -- You should, as a "good" network admin (even if you're
not one - meaning network admin), be documenting everything somewhere in
writing.
E.g. everything you or anyone else is doing to hardware, software or network
configuration in your company that changes it from the "out of the box"
defaults. Documentation should live in a secure place. If not the server
room then a VP's (Vice President's) or Manager's office. Traditionally IT
(Information Technology), and before then IS (Information Systems) depts.
were funded, managed and overseen by financial officers or comptrollers (or
controllers depending on field of discipline, i.e. manufacturing or
financial institution). Now many shops or corporations have a VP of IT or
something similar.

On the other note: Hopefully the people of whom you suggest (the secretive
Net admin or such -- when we let them write programs they are known as
spaghetti coders) have long since become a thing of the past and a story we
tell when things are slow - such as the "three envelopes story" (common to
most introductions to computer security basics).

Now back to documentation, "very important". All this simple yet good
documentation "should" live in an office such as suggested above (as well as
in some secure directory on a server). Pages can be added and the "book" can
be checked out as needed (the "Book" should be signed for by employees if
needed - this is for always knowing the location of the documentation). You
should be getting the idea and if I say any more I'd be tempted to charge or
send a bill somewhere <smile>.

Btw (ByTheWay) BIOSes are not passworded the way you are suggesting. Simply
removing power from the BIOS (remove battery or battery connection on MB
(motherboard)) will reset any passwords and "Clear" the BIOS back to
defaults - not an expensive or complicated fix. This depends on make and
model of MB. Also some (such as Dell, if memory serves me) have a reset
shunt (aka jumper) and on others you have to remove power by disconnecting
the battery.


* KISS - Keep It Simple Silly (silly sometimes replaced by other S words - In
reference to myself I use Stupid). Keeping this in mind saves much pain,
toil and trouble.  This is listed next to why most (including Moi) techs
have flat foreheads.


And I have no idea why I feel so talkative today. And forgive me if I have
been a bit too wordy. But, I will share one last piece of info with you (and
this is with a smile in my eyes):  Remember never assume anyone knows what
you're doing (including yourself). And always fully explain terms and
terminology (for instance if you are in IT the term ISP means Internet
Service Provider -- BUT if you're in sales it means Item Specific Pricing.
Hmmm - Yes, real Oceanographers know all about DSL but they think it means
Deep Scattering Layers).

I have always maintained the theory of telling others what I am doing and
explaining it in non technical terms (not limiting my audience). For me,
this saves much grief and confusion and worst case, if I forget what I am
doing, they can remind me. <wink>


regards,
Kevin Snively
The HelpDesk Inc ®
615-781-1922 (office)
615-582-0877 (Mobile)


----- Original Message ----- 
From: "Jonathan Loh" <kj6loh () yahoo com>
To: "Kevin Snively" <kevinsnively () comcast net>
Sent: Wednesday, September 22, 2004 5:42 PM
Subject: Re: Laptop Encryption & Hibernation


I'm not sure that will work so well in a corporate setting.  Remember prom or
eprom passwords?  When a sysadmin left the company no one else knew the
password.  So the computer is basically useless, unless you pay the company
some money to get the bios replaced.
--- Kevin Snively <kevinsnively () comcast net> wrote:

How about something as simple as a bios password? Works for me.

regards,
Kevin Snively
The HelpDesk Inc ®
615-781-1922 (office)
615-582-0877 (Mobile)

----- Original Message ----- 
From: "James McGee" <J.McGee () syn-tec com>
To: "Security Basics[List]" <security-basics () securityfocus com>
Sent: Sunday, September 19, 2004 10:28 AM
Subject: Laptop Encryption & Hibernation


Hi

We are trying to find a centrally manageable solution that we can deploy
to 2000 Laptop users.

The majority of our users also make frequent use of the hibernation
function within WinXP.

The problem lies with the fact that we can't seem to get a hard drive
encryption tool that will enable users to continue to use the
hibernation function.

We have 2 options that I can recommend; bin the hibernation
functionality or use a file and folder level encryption product, neither
of which are the ideal solution for the situation.

I am sure we are not the first to come across this problem, so I was
wondering how anyone else has overcome it.

Apparently the people who make entire hard-drive encryption products are
aware of the issue and are working with MS to get it sorted, but how
long that will take is anyone's guess.

Any help or advice is appreciated..

Thanks



JM




---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------



---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.766 / Virus Database: 513 - Release Date: 9/17/04












