Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: List of Full Disc Encryption products

From: pemoore () fedex com
Date: 10 Jul 2006 20:03:00 -0000
Speaking of mitigation of risk:

It is important to note that regardless of the technology, people are usually the weakest link when employing some use 
of encryption. If the tools are too cumbersome to use, they will not encrypt the data properly. If personnel are not 
properly trained, then you will not realize the ROI for your encrytion products, that we so desperately try to prove 
everyday.  

How we interact with sensitive data should be molded and shaped through a combination of policy, enforcement, training 
and the use of the latest tools and techniques.  Risk mitigation does not stop with the decision to use full disc or 
file level encryption. And I agree, totally, that encryption is not a "silver bullet" to this problem, but only a 
component of the overall solution. 

-Paul Moore
 Security & Business Continuity
 FedEx Corporation

---------------------------------------------------------------------------
This list is sponsored by: SensePost

Hacking, like any art, will take years of dedicated study and  
practice to master. We can't teach you to hack. But we can teach you  
what we've learned so far. Our courses are honest, real, technical  
and practical. SensePost willl be at Black Hat Vegas in July. To see  
what we're about, visit us at: 

http://www.sensepost.com/training.html
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: