Re: Looking for a laptop encryption policy for institutionally-owned laptops

["Gibson, Nathan J. (HSC)" <Nathan-Gibson () OUHSC EDU>]

As would I!
 
Thanks

--Nate

V/R,
Nathan J. Gibson, CISSP
Information Technology, Information Security Services
The University of Oklahoma Health Sciences Center
Rogers Building, Room 128
Office: (405) 271-2476
Fax: (405) 271-2181
Cell: TBD
http://it.ouhsc.edu/services/infosecurity


Confidentiality Notice
This e-mail, including any attachments, contains information from the University of Oklahoma Health Sciences Center, 
which may be confidential or privileged. The information is intended to be for the use of the individual or entity 
named above. If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the 
contents of this information is prohibited.
 
If you have received this e-mail in error, please notify the sender immediately by a "reply to sender only" message and 
destroy all electronic and hard copies of the communication, including attachments.

-----Original Message-----
From: Paul Keser [mailto:pkeser () STANFORD EDU] 
Sent: Thursday, March 22, 2007 10:54 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Looking for a laptop encryption policy for institutionally-owned laptops

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Nathaniel-

I would definitely like a copy or the link to it when it is available.

- -PaulK

HALL, NATHANIEL D. wrote:
> I just finished doing some basic research on Vista's BitLocker
> Drive Encryption using Active Directory.  It seems to be pretty
> good, but I did not get down to the nitty gritty to see what I
> could read on the drive.
>
> By default, it uses AES 128 with a diffuser for encryption, the TPM
> in most new computers or a USB key, and can be easily scripted.  I
> find it is much better than EFS because it encrypts the entire
> partition, including the page file, and not just a directory that
> can easily be circumvented.
>
> If you would like a link to my presentation, please let me know and
> I will send you the link after I make it publicly available.
>
> -- Nathaniel Hall, GSEC GCFW GCIA GCIH GCFA Network Security System
> Administrator OTC Computer Networking
>
> Office: (417) 447-7535
>
> -----Original Message----- From: Ardoth Hassler
> [mailto:hasslera () GEORGETOWN EDU] Sent: Thursday, March 22, 2007
> 10:08 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY]
> Looking for a laptop encryption policy for institutionally-owned
> laptops
>
> Hi.... I'm in search of a sample policy that addresses encryption
> of institutionally-owned laptops. Thanks in advance for sharing.
>
> Ardoth
>
> (Also posted this to the ICPL list so I apologize for the cross
> post.)


- --
Paul Keser
Assoc. Information Security Officer
Stanford University
650.604.2186
GPG Fingerprint:  DBA3 E20F CE91 28AA DA1C  4A77 3BD9 C82D 2699 24FB
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGAqaZO9nILSaZJPsRAm/9AJ9KCCz2+a+W3fdXqpTPH/ra60ZjzQCeLq7+
wcW8n9AEPJ8XevH2Qzo+hm8=
=VRmM
-----END PGP SIGNATURE-----