Educause Security Discussion mailing list archives

Re: pointsec vs. Guardian Edge

From: "Lovaas,Steven R" <Steven.Lovaas () COLOSTATE EDU>
Date: Sat, 13 Jan 2007 14:03:32 -0700

One thing to remember about encryption in Vista... version 1.1 of the PCI DSS (September 2006) requires encryption of 
credit card data with an encrypting utility that does *not* rely on access control mechanisms in the OS. This was 
presumably designed to rule out EFS, but would likely also apply to Vista's full-disk encryption.

The actual excerpt:

3.4.1 If disk encryption is used (rather than file- or column-level database encryption), logical
access must be managed independently of native operating system access control mechanisms (for example, by not using 
local system or Active Directory accounts). Decryption keys must not be tied to user accounts.

https://www.pcisecuritystandards.org/pdfs/pci_dss_v1-1.pdf

Steve Lovaas
Colorado State University

________________________________________
From: Steve Brukbacher [sab2 () UWM EDU]
Sent: Saturday, January 13, 2007 1:14 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] pointsec vs. Guardian Edge

That's exactly the problem with that solution from our perspective.
We're in no big hurry to get to Vista.  We'd rather let other beta test
the come on board after service pack 1.
Plus I like the idea of a third party product for this purpose.

--
Steve Brukbacher, CISSP
University of Wisconsin Milwaukee
Information Security Coordinator
UWM Computer Security Web Site
www.security.uwm.edu
Phone: 414.229.2224



Solomon Asmelash wrote:

Steve,

Vista has the capability of full drive encryption. Have you considered
that option? That may involve fast forwarding migration to the new OS.

Solomon

-----Original Message-----
From: Steve Brukbacher [mailto:sab2 () UWM EDU]
Sent: Friday, January 12, 2007 10:16 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] pointsec vs. Guardian Edge

Hello,
We are looking into whole hard drive encryption products.  We've
narrowed it down to Pointsec and Guardian Edge. Anyone have experience
with either of these or both?  Are you aware of any issues related to
supportability that a buyer should be aware of?

Current thread:

Re: pointsec vs. Guardian Edge, (continued)
- Re: pointsec vs. Guardian Edge Maloney, Michael (Jan 12)
- Re: pointsec vs. Guardian Edge Solomon Asmelash (Jan 12)
- Re: pointsec vs. Guardian Edge Pettis, Frederick (Jan 12)
- Re: pointsec vs. Guardian Edge Roger Safian (Jan 12)
- Re: pointsec vs. Guardian Edge Michael Sana (Jan 12)
- Re: pointsec vs. Guardian Edge Pettis, Frederick (Jan 12)
- Re: pointsec vs. Guardian Edge Roger Safian (Jan 12)
- Re: pointsec vs. Guardian Edge Pettis, Frederick (Jan 12)
- Re: pointsec vs. Guardian Edge Paul DeStefano (Jan 12)
- Re: pointsec vs. Guardian Edge Steve Brukbacher (Jan 13)
- Re: pointsec vs. Guardian Edge Lovaas,Steven R (Jan 13)
- Re: pointsec vs. Guardian Edge Logan, Kimberly (loganks) (Jan 16)
- Re: pointsec vs. Guardian Edge Schmidt, Eric W (Jan 16)
- Re: pointsec vs. Guardian Edge Basgen, Brian (Jan 16)
- Re: pointsec vs. Guardian Edge Clifford Collins (Jan 19)
- Re: pointsec vs. Guardian Edge Steve Brukbacher (Jan 19)
- Re: pointsec vs. Guardian Edge Harold Winshel (Jan 19)