RE: Encrytped USB Key quick win solution‏

["Smith, Ryan" <rsmith () cff org>]

I personally haven’t used FreeOTFE Explorer, however you may want to check out Iron Key. It isn't freeware or 
opensource but it is a rock solid product.  I personally use them here at our organization. The enterprise version 
allows everything you are looking for and more.

https://www.ironkey.com/enterprise

Ryan

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Secure Net
Sent: Wednesday, September 30, 2009 5:12 PM
To: security-basics () lists securityfocus com
Subject: Encrytped USB Key quick win solution‏


Hi,

I'm working in a large enterprise that will look next year for an "enterprise class solution" that can handle all the 
life cycle of USB key that use encryption.

But now, we have to find a quick win solution that we can put in production shortly with a limited budget.

I personally used Truecrypt for several years but here the reason why I don’t want to use it for an enterprise solution:

1-If the user lost the password of his USB key, you are dead
2-If the user go on a computer that don't already have Truecrypt installed, you need administrative privilege

I did some search and I tried FreeOTFE (http://www.freeotfe.org/)

It does what I wanted to:

1-Technical Support will be able to create a backup key before giving the USB key to the user. So they will be able to 
recover the data if the user lost his password.
2-There is a utility called FreeOTFE Explorer that can open the encrypted volume on the USB Key in the case you don't 
have administrative privilege on the computer. The app is not very quick but it seems to do the job.

My question is: Did someone had any bad experience with this app? If yes, did you find a better one that did the things 
I mentioned before and was working fine?

Thanks

JEP                                       
_________________________________________________________________
Avec Windows Live, vous gardez le contact avec tous vos amis au même endroit.
http://go.microsoft.com/?linkid=9660830

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

DISCLAIMER:
This e-mail may contain confidential information, may be protected by applicable privileges, and may constitute 
non-public information.  It is intended to be conveyed only to the designated recipient(s) of the message.  If you are 
not an intended recipient of this message, please notify the sender at (800) FIGHT CF.  Unauthorized use, 
dissemination, distribution or reproduction of this message is strictly prohibited and may be unlawful.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------