Security Basics mailing list archives
Re: FW: VA Loses another Hard Drive with data on 48,000 veterans
From: "kevin fielder" <kevin.fielder () gmail com>
Date: Wed, 7 Feb 2007 10:48:29 +0000
Hi I can comment on a product called SafeBoot that we currently use. This product works very well, with centralised management, allowing control of password policies etc. Performance is not affected to a great degree, you do notice the speed of boot up being slower, but in general use (e.g. opening / saving documents and emails etc) the performance is not noticeably impacted. A couple of things to bear in mind when looking at these products you want to use a genuine full disk encryption product that requires some form of authentication prior to any sort of access to the O/S, and you should also ensure that it can block hibernate type functionality to ensure that the machine is shut down each time the user finishes work - if hibernate is permitted you have a situation where if stollen the laptop can be opened and the thief is faced with the windows prompt and a drive that has already had the credentials entered to allow access to the data on it. Cheers Kevin
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Saqib Ali Sent: 06 February 2007 05:13 To: Ed Cc: security-basics Subject: Re: VA Loses another Hard Drive with data on 48,000 veterans Try several FDE solution before you settle on one. Most of the FDE solutions provide 128bit AES encryption, but some are easier to use then others. Also some offer challenge/response based password recovery, which can be *very* helpful. Another thing to keep in mind is that the encryption solution must be transparent to the user and must be straight-forward to setup. You can find a rather complete list of FDE solutions at: http://www.full-disk-encryption.net/Full_Disc_Encryption.html On 2/5/07, Ed <security () kdtc net> wrote: > Saqib Ali wrote: > > http://www.full-disk-encryption.net/news/article329.html > > > > Associated Press is reporting that a portable hard drive belonging > > to Veteran's Administration has been stolen. The Official Press > > Release is available at the VA website. > > This is something I'm glad I can keep track of here. This past year > alone has shown that it is easy to take things for granted and expect > things to stay where they are, when in fact, one shouldn't. > Unfortunately, I seem to be one of these people who have gotten a > 'little slack' in terms of maintaining a secured network. (Can never > get my point across to users and bosses on security issues. They > never seem to understand that P2P and Skype really don't really belong > in a corporate environment. The only consideration is 'low cost' and > 'convenient'). > > Anyway, there's certainly a plethora of solutions for encryption(whole > disk or otherwise). Does anyone here have any good suggestions? > > So far, I'm looking at PGP Whole Disk and it looks promising. > > Thanks. > > Edmund > -- Saqib Ali, CISSP, ISSAP http://www.full-disk-encryption.net
Current thread:
- VA Loses another Hard Drive with data on 48,000 veterans Saqib Ali (Feb 05)
- Re: VA Loses another Hard Drive with data on 48,000 veterans Ed (Feb 06)
- Re: VA Loses another Hard Drive with data on 48,000 veterans Saqib Ali (Feb 06)
- <Possible follow-ups>
- Re: VA Loses another Hard Drive with data on 48,000 veterans Anonymous (Feb 06)
- Re: VA Loses another Hard Drive with data on 48,000 veterans jfvanmeter (Feb 07)
- Re: VA Loses another Hard Drive with data on 48,000 veterans Justin Ross (Feb 07)
- Re: Re: VA Loses another Hard Drive with data on 48,000 veterans security (Feb 07)
- Re: FW: VA Loses another Hard Drive with data on 48,000 veterans kevin fielder (Feb 07)
- Re: VA Loses another Hard Drive with data on 48,000 veterans Ed (Feb 06)