Re: Laptop encryption (what are you protecting against?)

[Greg Vickers <g.vickers () QUT EDU AU>]

Hi all,

Dennis Tracz wrote:
> Hello all,
>
> I am new to this list so please forgive me if this topic has already
> been covered.
> I am interested in knowing, what is the common practice for Laptop
> encryption, specifically:
>
> 1.  What is your current practice:
>     a.  Do you use encryption on laptops (for laptops you administer)
>     b.  Do you encrypt the entire hard drive or selected folders i.e.(
> My Documents)
>     c.  Do you use a commercial product or EFS
>     e.  If encryption is used is it automatically configured (for
> laptops you administer) or do users have a choice
>
> 2.  What is your desired practice if you do not use encryption on laptops
>
> a.  Is this something you are wanting, attempting or not wishing to do?
> b.  Would you encrypt the entire hard drive or selected folders i.e.( My
> Documents)
> c.  Would you use a commercial product or EFS?
> d.  Would you automatically encrypt (for laptops you administer) or
> would you let your users have a choice?

Just to throw a spanner in the works, what are people trying to protect
against with their implementation of this technology?

* Opportunity attack; loss/theft of a laptop?
* Targeted attack; attempt to retrieve sensitive information (by theft
or remote intrusion)
* Something else?

We are just about to start a project to investigate the technology
available and will be looking for something that is cross-platform and
centrally managed.

Cheers,
--
Greg Vickers
IT Security Engineer & Project Manager
IT Security, Network Services,
Information Technology Services
Queensland University of Technology
L12, 126 Margaret St, Brisbane

Phone: +61 7 3138 9536
Mobile: 0410 434 734
Fax: +61 7 3138 2921
Email: g.vickers () qut edu au
IT Security web site: http://www.its.qut.edu.au/itsecurity/

CRICOS No. 00213J