Re: Looking for a laptop encryption policy for institutionally-owned laptops

[Paul Keser <pkeser () STANFORD EDU>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Nathaniel-

I would definitely like a copy or the link to it when it is available.

- -PaulK

HALL, NATHANIEL D. wrote:
> I just finished doing some basic research on Vista's BitLocker
> Drive Encryption using Active Directory.  It seems to be pretty
> good, but I did not get down to the nitty gritty to see what I
> could read on the drive.
>
> By default, it uses AES 128 with a diffuser for encryption, the TPM
> in most new computers or a USB key, and can be easily scripted.  I
> find it is much better than EFS because it encrypts the entire
> partition, including the page file, and not just a directory that
> can easily be circumvented.
>
> If you would like a link to my presentation, please let me know and
> I will send you the link after I make it publicly available.
>
> -- Nathaniel Hall, GSEC GCFW GCIA GCIH GCFA Network Security System
> Administrator OTC Computer Networking
>
> Office: (417) 447-7535
>
> -----Original Message----- From: Ardoth Hassler
> [mailto:hasslera () GEORGETOWN EDU] Sent: Thursday, March 22, 2007
> 10:08 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY]
> Looking for a laptop encryption policy for institutionally-owned
> laptops
>
> Hi.... I'm in search of a sample policy that addresses encryption
> of institutionally-owned laptops. Thanks in advance for sharing.
>
> Ardoth
>
> (Also posted this to the ICPL list so I apologize for the cross
> post.)


- --
Paul Keser
Assoc. Information Security Officer
Stanford University
650.604.2186
GPG Fingerprint:  DBA3 E20F CE91 28AA DA1C  4A77 3BD9 C82D 2699 24FB
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGAqaZO9nILSaZJPsRAm/9AJ9KCCz2+a+W3fdXqpTPH/ra60ZjzQCeLq7+
wcW8n9AEPJ8XevH2Qzo+hm8=
=VRmM
-----END PGP SIGNATURE-----