Re: Product request - Enterprise whole disk encryption for laptops

[Harold Winshel <winshel () CAMDEN RUTGERS EDU>]

Yes and, the more hoops they need to go through, 
the less inclined they might be to storing sensitive info locally.

Harold

At 01:19 PM 7/20/2006, Waller, Michael A. (HSC) wrote:
> We're working towards this. Basically, we 
> understand that there will be some need, but 
> we're going to make those who want to keep 
> sensitive data on a portable device aware of the 
> risks and make them jump through some additional 
> hoops. This way, the user is more aware of the 
> risk and supervisors/department heads/deans/IT 
> have a much clearer picture of what's out in the wild.
>
> Mike Waller   CISSP
> Information Technology, Information Security Services
> The University of Oklahoma Health Sciences Center
>
> -----Original Message-----
> From: Harold Winshel [mailto:winshel () CAMDEN RUTGERS EDU]
> Sent: Monday, July 17, 2006 9:51 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] Product request - 
> Enterprise whole disk encryption for laptops
>
> I agree that there are probably many more 
> computers that have sensitive data on them than 
> is necessary for business reasons.  And that on 
> a lot of those machines the users probably don't 
> even realize what's on their computers.
>
> An approach that is very appealing to me is that 
> of requiring users to make a case for their need 
> to store sensitive data locally and to get 
> formal permission to do so.  I think this would 
> do a few things.  One, it would have an 
> inhibiting effect on those who want to store 
> sensitive data but don't have a strong case for 
> it and, two, it would bring to the attention of 
> the IT staff those who do store sensitive stuff, 
> so that the IT staff can keep a closer watch on those users.
>
> Harold
>
>
>
> At 09:18 AM 7/17/2006, Roger Safian wrote:
> >At 01:44 PM 7/15/2006, Charlie Prothero put fingers to keyboard and wrote:
> > >Roger's comment on risk management brings to
> > mind the question of whether or not
> > >someone should even be allowed to put
> > sensitive data on a laptop, though this is
> > >a bit off-topic vis-à-vis this
> > discussion.  Citrix, MS Terminal Services, VNC
> >
> >Personally I think the risk of sensitive data on a laptop, is only
> >slightly larger that the same data on the network.  They both
> >potentially have the same risk of data lose 
> through a network breach.  The laptop is easier to steal.
> >In most cases the business needs outweigh that risk, especially if the
> >data is encrypted.
> >
> >The issue I see is does *any* machine need access to sensitive data?
> >Speaking just from my experience I'd say that there are plenty of
> >machines with sensitive data that are both not secure AND do not need
> >the data on them in the first place.
> >
> >
> >--
> >Roger A. Safian
> >r-safian () northwestern edu (email) public key available on many key servers.
> >(847) 491-4058   (voice)
> >(847) 467-6500   (Fax) "You're never too old to have a great childhood!"
>
> Harold Winshel
> Computing and Instructional Technologies Faculty 
> of Arts & Sciences Rutgers University, Camden Campus
> 311 N. 5th Street, Room B36 Armitage Hall Camden NJ 08102
> (856) 225-6669 (O)

Harold Winshel
Computing and Instructional Technologies
Faculty of Arts & Sciences
Rutgers University, Camden Campus
311 N. 5th Street, Room B36 Armitage Hall
Camden NJ 08102
(856) 225-6669 (O)