Security Basics mailing list archives
RE: Full Disk Laptop Encryption
From: "Bob Beringer" <bob.beringer () usa net>
Date: Thu, 27 Sep 2007 17:41:08 -0400
Rob, I have responded inline to respond directly to your last email: MAC agents, I do not know what you are referring to with this.
Meant to be "MAC FDE" == FDE for PowerBook, MacBook Pro's, ect...
Data-in-Motion - are you talking about data after it has physically left your hard drive. Ie. e-mail, thumbdrives, network traffic, etc...
Exactly! Now encryption can be managed centrally or remotely and can ensure cryptographically based chain of custody, from the sectors on the drive, through the Network and then on to the destination system or even to the field level in databases that might live on the destination systems as well. Everything is encrypted at the object level, so you can literally have a single word document that allows for three different viewers to see different levels of redacted documents or the like (there are many other cool things that their solution does, but this is one technique...)
Lastly, TECSEC has a very flexible and powerful solution for encrypting objects and other data in motion as well protecting as Data at Rest. (mind you in this case that flexible also might mean more initial set up time and effort...)
More setup time and effort is a small price to pay when you have a more efficient and properly configured solution deployed. It is well worth the time, IMO.
Agreed, but sometimes you want to know that the solution is going to take a bit of effort to properly plan and deploy, so that you don't assume it will be less effort and wind up over budget or red in the face due to over-committing to the folks around you. (So it was my way of putting a small disclaimer and friendly heads up, so that you know that along with more power comes more responsibility ;-))
I will have to check into this TECSEC. My curiosity is piqued. Thank you for the tip.
Ask to talk to Jay Wack and tell him that Bob Beringer sent you, he is a busy man but he is the right guy to talk to...
I hope that this information helps :-)
Very much so. Thank you kindly for your response. Very well written, by the way. :)
Your very welcome, its always a pleasure talking with you as well Rob...
v/r Bob +12404756858
Current thread:
- RE: Full Disk Laptop Encryption, (continued)
- RE: Full Disk Laptop Encryption Lafosse, Ricardo (Sep 27)
- RE: Full Disk Laptop Encryption Bob Beringer (Sep 27)
- Re: Full Disk Laptop Encryption Rob Thompson (Sep 27)
- Re: Full Disk Laptop Encryption gjgowey (Sep 27)
- Re: Full Disk Laptop Encryption Rob Thompson (Sep 27)
- RE: Full Disk Laptop Encryption Bob Beringer (Sep 27)
- Re: Full Disk Laptop Encryption gjgowey (Sep 27)
- Re: Full Disk Laptop Encryption Rob Thompson (Sep 27)
- Re: Full Disk Laptop Encryption Rob Thompson (Sep 27)
- RE: Full Disk Laptop Encryption Bob Beringer (Sep 27)
- Message not available
- Re: Full Disk Laptop Encryption Rob Thompson (Sep 27)
- RE: Full Disk Laptop Encryption Bob Beringer (Sep 27)
- Message not available
- Re: Full Disk Laptop Encryption Rob Thompson (Sep 27)
- RE: Full Disk Laptop Encryption Bob Beringer (Sep 28)
- Re: Full Disk Laptop Encryption gjgowey (Sep 28)
- Full Disk Encryption, Digital Signatures and enterprise Data Analysis and Transactional Auditing (eDATA) Bob Beringer (Sep 28)
- Re: Full Disk Encryption, Digital Signatures and enterprise Data Analysis and Transactional Auditing (eDATA) gjgowey (Sep 28)
- RE: Full Disk Encryption, Digital Signatures and enterprise Data Analysis and Transactional Auditing (eDATA) Bob Beringer (Sep 28)
- Re: Full Disk Encryption, Digital Signatures and enterprise Data Analysis and Transactional Auditing (eDATA) gjgowey (Sep 28)
- RE: Full Disk Encryption, Digital Signatures and enterprise Data Analysis and Transactional Auditing (eDATA) Bob Beringer (Sep 28)
- Message not available
- Re: Full Disk Laptop Encryption Rob Thompson (Sep 28)
- Re: Full Disk Laptop Encryption gjgowey (Sep 28)