Educause Security Discussion mailing list archives
Re: Product request - Enterprise whole disk encryption for laptops
From: Harold Winshel <winshel () CAMDEN RUTGERS EDU>
Date: Thu, 20 Jul 2006 20:21:27 -0400
Yes and, the more hoops they need to go through, the less inclined they might be to storing sensitive info locally.
Harold At 01:19 PM 7/20/2006, Waller, Michael A. (HSC) wrote:
We're working towards this. Basically, we understand that there will be some need, but we're going to make those who want to keep sensitive data on a portable device aware of the risks and make them jump through some additional hoops. This way, the user is more aware of the risk and supervisors/department heads/deans/IT have a much clearer picture of what's out in the wild.Mike Waller CISSP Information Technology, Information Security Services The University of Oklahoma Health Sciences Center -----Original Message----- From: Harold Winshel [mailto:winshel () CAMDEN RUTGERS EDU] Sent: Monday, July 17, 2006 9:51 PM To: SECURITY () LISTSERV EDUCAUSE EDUSubject: Re: [SECURITY] Product request - Enterprise whole disk encryption for laptopsI agree that there are probably many more computers that have sensitive data on them than is necessary for business reasons. And that on a lot of those machines the users probably don't even realize what's on their computers.An approach that is very appealing to me is that of requiring users to make a case for their need to store sensitive data locally and to get formal permission to do so. I think this would do a few things. One, it would have an inhibiting effect on those who want to store sensitive data but don't have a strong case for it and, two, it would bring to the attention of the IT staff those who do store sensitive stuff, so that the IT staff can keep a closer watch on those users.Harold At 09:18 AM 7/17/2006, Roger Safian wrote: >At 01:44 PM 7/15/2006, Charlie Prothero put fingers to keyboard and wrote: > >Roger's comment on risk management brings to > mind the question of whether or not > >someone should even be allowed to put > sensitive data on a laptop, though this is > >a bit off-topic vis-à-vis this > discussion. Citrix, MS Terminal Services, VNC > >Personally I think the risk of sensitive data on a laptop, is only >slightly larger that the same data on the network. They both>potentially have the same risk of data lose through a network breach. The laptop is easier to steal.>In most cases the business needs outweigh that risk, especially if the >data is encrypted. > >The issue I see is does *any* machine need access to sensitive data? >Speaking just from my experience I'd say that there are plenty of >machines with sensitive data that are both not secure AND do not need >the data on them in the first place. > > >-- >Roger A. Safian >r-safian () northwestern edu (email) public key available on many key servers. >(847) 491-4058 (voice) >(847) 467-6500 (Fax) "You're never too old to have a great childhood!" Harold WinshelComputing and Instructional Technologies Faculty of Arts & Sciences Rutgers University, Camden Campus311 N. 5th Street, Room B36 Armitage Hall Camden NJ 08102 (856) 225-6669 (O)
Harold Winshel Computing and Instructional Technologies Faculty of Arts & Sciences Rutgers University, Camden Campus 311 N. 5th Street, Room B36 Armitage Hall Camden NJ 08102 (856) 225-6669 (O)
Current thread:
- Re: Product request - Enterprise whole disk encryption for laptops, (continued)
- Re: Product request - Enterprise whole disk encryption for laptops Valdis Kletnieks (Jul 17)
- Re: Product request - Enterprise whole disk encryption for laptops Mark Newman (Jul 17)
- Re: Product request - Enterprise whole disk encryption for laptops Valdis Kletnieks (Jul 17)
- Re: Product request - Enterprise whole disk encryption for laptops Mark Newman (Jul 17)
- Re: Product request - Enterprise whole disk encryption for laptops Harold Winshel (Jul 17)
- Re: Product request - Enterprise whole disk encryption for laptops Harold Winshel (Jul 17)
- Re: Product request - Enterprise whole disk encryption for laptops Valdis Kletnieks (Jul 17)
- Re: Product request - Enterprise whole disk encryption for laptops Charlie Prothero (Jul 18)
- Re: Product request - Enterprise whole disk encryption for laptops Russell Fulton (Jul 19)
- Re: Product request - Enterprise whole disk encryption for laptops Waller, Michael A. (HSC) (Jul 20)
- Re: Product request - Enterprise whole disk encryption for laptops Harold Winshel (Jul 20)