Educause Security Discussion mailing list archives

Re: Laptop encryption

From: Greg Vickers <g.vickers () QUT EDU AU>
Date: Tue, 9 Oct 2007 09:28:03 +1000

Hi Sarah,

Sarah Stevens wrote:

I will be setting up a conference call for Wednesday at 11:00AM ET.  Is
that too soon, or can everyone make it at that time?  Let me know what
you think, as I can schedule at a later date, if necessary.  Once I
receive responses on interest level, I will send out an invite with the
dial in number.


Looking at
http://en.wikipedia.org/wiki/List_of_U.S._states_by_time_zone, I assume
ET is UTC -5, so that'll be 4AM Thursday morning here in Queensland,
Australia - will there be a summary of the discussion?

I am looking forward to this conversation, it will be interesting to
share the information obtained.


Me too! :)

------------------------------------------------------------------------
*From:* Sadler, Connie [mailto:Connie_Sadler () BROWN EDU]
*Sent:* Mon 10/8/2007 6:42 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* Re: [SECURITY] Laptop encryption

I am interested as well.

Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC
IT Security Officer, Brown University
Campus Box 1885, Providence, RI 02912
Connie_Sadler () Brown edu,  Office: 401-863-7266

-----Original Message-----
From: Ewing, Ashley [mailto:aewing () UA EDU]
Sent: Monday, October 08, 2007 9:11 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Laptop encryption

I would like to participate.

J. Ashley Ewing, CISSP, CISA
Director of Security and Compliance/CISO
Office of Information Technology (OIT)
The University of Alabama
A105 Gordon Palmer Hall (Box 870346)
Tuscaloosa, AL 35487-0346
Office: 205-348-6524
Cell:     205-535-0335

-----Original Message-----
From: Sarah Stevens [mailto:sarah () STEVENS-TECHNOLOGIES COM]
Sent: Friday, October 05, 2007 7:06 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Laptop encryption

If there is interest, I would be willing to set up the telecon bridge.
We have an inside bridge.  No fee for anyone who wants to take part.

Sarah Stevens
Stevens Technologies
--------------------------
Sent from my BlackBerry Wireless Handheld

----- Original Message -----
From: Paul Keser <pkeser () STANFORD EDU>
To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>
Sent: Fri Oct 05 17:00:40 2007
Subject: Re: [SECURITY] Laptop encryption

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

There seems to be a lot of interest on the list.  Do you guys want to
setup a conf call?  I haven't done that before but I can look into it if
you are interested.

I am in PST.

- -PaulK

Paul Keser
Assoc. Information Security Officer
Stanford University
650.724.9051
GPG Fingerprint:  DBA3 E20F CE91 28AA DA1C  4A77 3BD9 C82D 2699 24FB


Harold Winshel wrote:
 > Dennis,
 >
 > Will do.  What days and times are good for you?  What time zone are you?
 >
 > Harold
 >
 > At 05:33 PM 10/5/2007, you wrote:
 >> Hi Harold,
 >>
 >> I would love to learn more about the research you are & have done. If
 >> possible can I give you a call next week?
 >>
 >> thanks
 >>
 >> Dennis.
 >>
 >> Harold Winshel wrote:
 >>> I work for a decentralized academic unit but we've been looking at a
 >>> number of enryption utilities the past year.  Some we've been using
 >>> on a light scale - other's we're still evaluating.
 >>>
 >>> I'd put them into two classes - full disk and file / folder.
 >>>
 >>> I'd also categorize them in another way: free, inexpensive (under $60
 >>> / license) or expensive (above $60 / license).  Of course, with
 >>> volume purchases there can be big discounts available.
 >>>
 >>> One program that we liked a lot was a free program called Truecrypt.
 >>> Besides being free, it is pretty easy to use and can be used on
 >>> different media (hard drives, CD's, etc.).  It's not full disk, which
 >>> can be a concern but, for a quick way of encrypting something, it
works.
 >>>
 >>> We've looked at some higher end products - both file / folder and
 >>> full disk, and are leaning toward the full disk.  I'd be glad to give
 >>> you more details if you're interested because we've spent a lot of
 >>> time doing research on different products.
 >>>
 >>> Harold
 >>>
 >>>
 >>> At 04:53 PM 10/4/2007, Dennis Tracz wrote:
 >>>> Hello all,
 >>>> I am new to this list so please forgive me if this topic has already
 >>>> been covered.
 >>>> I am interested in knowing, what is the common practice for Laptop
 >>>> encryption, specifically:
 >>>> 1.  What is your current practice:
 >>>>    a.  Do you use encryption on laptops (for laptops you administer)
 >>>>    b.  Do you encrypt the entire hard drive or selected folders
 >>>> i.e.( My Documents)
 >>>>    c.  Do you use a commercial product or EFS
 >>>>    e.  If encryption is used is it automatically configured (for
 >>>> laptops you administer) or do users have a choice
 >>>>
 >>>> 2.  What is your desired practice if you do not use encryption on
 >>>> laptops
 >>>> a.  Is this something you are wanting, attempting or not wishing
to do?
 >>>> b.  Would you encrypt the entire hard drive or selected folders
 >>>> i.e.( My Documents)
 >>>> c.  Would you use a commercial product or EFS?
 >>>> d.  Would you automatically encrypt (for laptops you administer) or
 >>>> would you let your users have a choice?
 >>>>
 >>>> Any insight is greatly appreciated.  Thanks in advance
 >>>>
 >>>> --
 >>>> Dennis N. Tracz CISSP-ISSMP, CISM
 >>>> Information Security Officer
 >>>> University of Calgary
 >>>> (403) 220-4010
 >>>>
 >>>>
 >>>
 >>> Harold Winshel
 >>> Computing and Instructional Technologies
 >>> Faculty of Arts & Sciences
 >>> Rutgers University, Camden Campus
 >>> 311 N. 5th Street, Room B10 Armitage Hall
 >>> Camden NJ 08102
 >>> (856) 225-6669 (O)
 >>
 >> --
 >> Dennis N. Tracz CISSP-ISSMP, CISM
 >> Information Security Officer
 >> University of Calgary
 >> (403) 220-4010
 >>
 >>
 >>
 >
 > Harold Winshel
 > Computing and Instructional Technologies
 > Faculty of Arts & Sciences
 > Rutgers University, Camden Campus
 > 311 N. 5th Street, Room B10 Armitage Hall
 > Camden NJ 08102
 > (856) 225-6669 (O)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
<http://enigmail.mozdev.org/>

iD8DBQFHBtAoO9nILSaZJPsRAjMaAJ9jKQ1UvjtcW3UeZwShT3gE7hXDZgCfR8n8
u1PelSm0uHGZFma0+7MYt14=
=hBTt
-----END PGP SIGNATURE-----


--
Greg Vickers
IT Security Engineer & Project Manager
IT Security, Network Services,
Information Technology Services
Queensland University of Technology
L12, 126 Margaret St, Brisbane

Phone: +61 7 3138 9536
Mobile: 0410 434 734
Fax: +61 7 3138 2921
Email: g.vickers () qut edu au
IT Security web site: http://www.its.qut.edu.au/itsecurity/

CRICOS No. 00213J

Current thread:

Re: Laptop encryption, (continued)
- Re: Laptop encryption Bristol, Gary L. (Oct 08)
- Re: Laptop encryption Joey Rego (Oct 08)
- Re: Laptop encryption Aaron Lafferty (Oct 08)
- Re: Laptop encryption Michael Sana (Oct 08)
- Re: Laptop encryption Kutil, Charlie D. (Oct 08)
- Re: Laptop encryption David Kovarik (Oct 08)
- Re: Laptop encryption Brewer, Alex D (Oct 08)
- Re: Laptop encryption Scott Koger (Oct 08)
- Re: Laptop encryption Dave Koontz (Oct 08)
- Re: Laptop encryption Allan Williams (Oct 08)
- Re: Laptop encryption Greg Vickers (Oct 08)
- Re: Laptop encryption Sarah Stevens (Oct 08)
- Re: Laptop encryption Todd Clementz (Oct 09)
- Re: Laptop encryption Hoffman, Michael (Oct 09)
- Re: Laptop encryption Gary Dobbins (Oct 09)
- Re: Laptop encryption Chris Vakhordjian (Oct 09)
- Re: Laptop encryption Scott Koger (Oct 09)
- Re: Laptop encryption Anthony Maszeroski (Oct 09)
- Re: Laptop encryption Alex Everett (Oct 09)
- Re: Laptop encryption Linda Pruss (Oct 09)
- Re: Laptop encryption Dennis Tracz (Oct 09)

(Thread continues...)