Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Laptop encryption

From: jkaftan <jkaftan () UTICA EDU>
Date: Mon, 8 Oct 2007 09:57:59 -0400
I am in.



  _____

From: Sarah Stevens [mailto:sarah () STEVENS-TECHNOLOGIES COM]
Sent: Monday, October 08, 2007 9:51 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Laptop encryption



I will be setting up a conference call for Wednesday at 11:00AM ET.  Is that
too soon, or can everyone make it at that time?  Let me know what you think,
as I can schedule at a later date, if necessary.  Once I receive responses
on interest level, I will send out an invite with the dial in number.



I am looking forward to this conversation, it will be interesting to share
the information obtained.



Thanks,



Sarah Stevens

Stevens Technologies



  _____

From: Sadler, Connie [mailto:Connie_Sadler () BROWN EDU]
Sent: Mon 10/8/2007 6:42 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Laptop encryption

I am interested as well.

Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC
IT Security Officer, Brown University
Campus Box 1885, Providence, RI 02912
Connie_Sadler () Brown edu,  Office: 401-863-7266

-----Original Message-----
From: Ewing, Ashley [mailto:aewing () UA EDU]
Sent: Monday, October 08, 2007 9:11 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Laptop encryption

I would like to participate.

J. Ashley Ewing, CISSP, CISA
Director of Security and Compliance/CISO
Office of Information Technology (OIT)
The University of Alabama
A105 Gordon Palmer Hall (Box 870346)
Tuscaloosa, AL 35487-0346
Office: 205-348-6524
Cell:     205-535-0335

-----Original Message-----
From: Sarah Stevens [mailto:sarah () STEVENS-TECHNOLOGIES COM]
Sent: Friday, October 05, 2007 7:06 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Laptop encryption

If there is interest, I would be willing to set up the telecon bridge.  We
have an inside bridge.  No fee for anyone who wants to take part.

Sarah Stevens
Stevens Technologies
--------------------------
Sent from my BlackBerry Wireless Handheld

----- Original Message -----
From: Paul Keser <pkeser () STANFORD EDU>
To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>
Sent: Fri Oct 05 17:00:40 2007
Subject: Re: [SECURITY] Laptop encryption

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

There seems to be a lot of interest on the list.  Do you guys want to
setup a conf call?  I haven't done that before but I can look into it if
you are interested.

I am in PST.

- -PaulK

Paul Keser
Assoc. Information Security Officer
Stanford University
650.724.9051
GPG Fingerprint:  DBA3 E20F CE91 28AA DA1C  4A77 3BD9 C82D 2699 24FB


Harold Winshel wrote:

Dennis,

Will do.  What days and times are good for you?  What time zone are you?

Harold

At 05:33 PM 10/5/2007, you wrote:

Hi Harold,

I would love to learn more about the research you are & have done. If
possible can I give you a call next week?

thanks

Dennis.

Harold Winshel wrote:

I work for a decentralized academic unit but we've been looking at a
number of enryption utilities the past year.  Some we've been using
on a light scale - other's we're still evaluating.

I'd put them into two classes - full disk and file / folder.

I'd also categorize them in another way: free, inexpensive (under $60
/ license) or expensive (above $60 / license).  Of course, with
volume purchases there can be big discounts available.

One program that we liked a lot was a free program called Truecrypt.
Besides being free, it is pretty easy to use and can be used on
different media (hard drives, CD's, etc.).  It's not full disk, which
can be a concern but, for a quick way of encrypting something, it works.

We've looked at some higher end products - both file / folder and
full disk, and are leaning toward the full disk.  I'd be glad to give
you more details if you're interested because we've spent a lot of
time doing research on different products.

Harold


At 04:53 PM 10/4/2007, Dennis Tracz wrote:

Hello all,
I am new to this list so please forgive me if this topic has already
been covered.
I am interested in knowing, what is the common practice for Laptop
encryption, specifically:
1.  What is your current practice:
   a.  Do you use encryption on laptops (for laptops you administer)
   b.  Do you encrypt the entire hard drive or selected folders
i.e.( My Documents)
   c.  Do you use a commercial product or EFS
   e.  If encryption is used is it automatically configured (for
laptops you administer) or do users have a choice

2.  What is your desired practice if you do not use encryption on
laptops
a.  Is this something you are wanting, attempting or not wishing to do?
b.  Would you encrypt the entire hard drive or selected folders
i.e.( My Documents)
c.  Would you use a commercial product or EFS?
d.  Would you automatically encrypt (for laptops you administer) or
would you let your users have a choice?

Any insight is greatly appreciated.  Thanks in advance

--
Dennis N. Tracz CISSP-ISSMP, CISM
Information Security Officer
University of Calgary
(403) 220-4010




Harold Winshel
Computing and Instructional Technologies
Faculty of Arts & Sciences
Rutgers University, Camden Campus
311 N. 5th Street, Room B10 Armitage Hall
Camden NJ 08102
(856) 225-6669 (O)


--
Dennis N. Tracz CISSP-ISSMP, CISM
Information Security Officer
University of Calgary
(403) 220-4010





Harold Winshel
Computing and Instructional Technologies
Faculty of Arts & Sciences
Rutgers University, Camden Campus
311 N. 5th Street, Room B10 Armitage Hall
Camden NJ 08102
(856) 225-6669 (O)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
<http://enigmail.mozdev.org/>

iD8DBQFHBtAoO9nILSaZJPsRAjMaAJ9jKQ1UvjtcW3UeZwShT3gE7hXDZgCfR8n8
u1PelSm0uHGZFma0+7MYt14=
=hBTt
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: