Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: pointsec vs. Guardian Edge

From: "Basgen, Brian" <bbasgen () PIMA EDU>
Date: Tue, 16 Jan 2007 14:20:05 -0700
the user as possible.  If an incident ever occurred where a 
laptop was lost or stolen, we wanted to be able to stand up 
in front of Channel (you fill in the channel number) and say 
"the laptop was lost but the data was completely protected 
because the entire hard drive was encrypted"


 We are also beginning to evaluate FDE, especially after we heard about
the Federal Government vendor contest. [1] But, just to be clear, you
can say that to TV Channel X only *if* the computer was powered off,
right? The trade-off with user transparency is that the encryption is
only in place when the device is off, which is not a highly common state
for laptops. Therefore, I've seen some suggestions that you use FDE, and
*still* suggest encrypting things within the OS. This way, you are doing
*your* best to protect the user, but you are making it clear that they
share some of the responsibility. 

[1] http://www.full-disk-encryption.net/fde_govt.html

~~~~~~~~~~~~~~~~~~
Brian Basgen
IT Systems Architect, Security
Pima Community College
Previous By Date Next
Previous By Thread Next

Current thread: