Security Basics mailing list archives
RE: List of Full Disc Encryption products
From: "Roger A. Grimes" <roger () banneretcs com>
Date: Thu, 6 Jul 2006 04:49:46 -0400
I like the product idea, just not the "...security requirements" marketing statement. Requirements implies a mandate, legal, corporate, or otherwise. I had never seen a law, regulatory guideline, or even corporate security policy state this. I just wanted clarification. Thanks.

-----Original Message-----
From: Saqib Ali [mailto:docbook.xml () gmail com]
Sent: Wednesday, July 05, 2006 11:10 PM
To: Roger A. Grimes
Cc: security-basics
Subject: Re: List of Full Disc Encryption products

> I don't believe your second sentence. Prove me wrong. What mandate says that full hard drive encryption is mandatory versus just encrypting the necessary files and folders? Give me the law and subsection.

I never said that there is a federal/state law/mandate that requires full disc encryption. See my second sentence below:

SA said: "Encrypting individual files or storing data in encrypted vaults does NOT meet the security requirements anymore."

A government agency, however, may set certain guidelines/requirements without a law/mandate in place. And there are some agencies doing just that in DC.

The following are some reasons why full disc encryption is preferable.

1) Encryption of temporary / swap is important as confidential data may be revealed from these files in case of HDD theft.
2) Quick Erase functionality as advertised by Seagate's FDE.2 drive provides immediate data destruction by replacing the AES key on the ASIC. This can save thousands of dollars the agency spends in proper destruction of the HDD. See http://www.seagate.com/docs/pdf/marketing/po_momentus_5400_fde_bb.pdf
3) User-proof. Everything is encrypted if FDE is enabled.
4) Pre-boot authentication.

--
Saqib Ali, CISSP, ISSAP
Support http://www.capital-punishment.net
-----------
"I fear, if I rebel against my Lord, the retribution of an Awful Day (The Day of Resurrection)" Al-Quran 6:15
-----------