Educause Security Discussion mailing list archives
Re: Laptop
From: Sherry Callahan <scallahan () KUMC EDU>
Date: Thu, 12 Jun 2008 12:20:10 -0500
Safeboot (now called McAfee Endpoint Encryption) is also working on Mac encryption, with an availability timeframe of 1Q09. We've been rolling out Safeboot to staff and faculty laptops that were reported as being used to store or access sensitive information since early 2007. Very recently, we announced that we are going to expand the program to include all University-owned laptops (personal laptops are prohibited from use with sensitive info by policy.) The only exception to the personal device rule is that we will be encrypting the student-owned tablets that they are required to purchase, as they will be using those during clinic rotations. When all is said and done in September, we'll have 1300+ encrypted laptops. We also install Computrace on every laptop and have been very successful in working with them to recover stolen laptops. As one previous poster mentioned, we've also worked with Absolute to recover another University's laptop that showed up on our network. One thing to know is that having CompuTrace in the BIOS is what makes it persistent and able to survive a hard drive reformat, repartition, or drive replacement. Only newer laptops and those listed by certain vendors are able to have it BIOS-resident. That doesn't mean that you can't install it - just be aware that if the thief formats the drive and reinstalls Windows, CompuTrace won't be on there any more. Also, we ran into a problem with the interaction of Safeboot and CompuTrace on the same machine, particularly on Vista, because they are both playing in the master boot record. The installation order is key - you need to install CompuTrace first, make sure it goes active in the BIOS, and then encrypt the laptop. If anyone is interested, our mobile device security page is at www2.kumc.edu/security/mobilesecurity and I'd be happy to answer any questions. Sherry Callahan Director, Information Security The University of Kansas Medical Center 3901 Rainbow Blvd, MS 3024 Kansas City, Kansas 66160 913-588-0966
"Julian Y. Koh" <kohster () NORTHWESTERN EDU> 6/11/2008 2:20 PM >>>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 14:53 -0400 6/11/2008, Zach Jansen wrote:
Do you need mac support or do you plan to use filevault? AFAIK only Pointsec currently has a Mac client, though Utimaco is planning to
release
one in the fall.
PGP also is working on a Mac OS X full disk encryption product. Should be available in the July timeframe. <http://www.macworld.com/article/133830/2008/06/pgp.html> -----BEGIN PGP SIGNATURE----- Version: 9.8.3.4028 wj8DBQFIUCWLDlQHnMkeAWMRApB/AKDOKHR0N3dLmaCsWUfaPuKbQURmVACfcOpz 8CFA5NCZ9fouUz5LVAtZP/E= =wyHo -----END PGP SIGNATURE----- -- Julian Y. Koh <mailto:kohster () northwestern edu> Network Engineer <phone:847-467-5780> Telecommunications and Network Services Northwestern University PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html>
Current thread:
- Re: Laptop, (continued)
- Re: Laptop Valdis Kletnieks (Jun 11)
- Re: Laptop Nipper, Johnny R. (Jun 11)
- Re: Laptop Harold Winshel (Jun 11)
- Re: Laptop Harold Winshel (Jun 11)
- Re: Laptop Mike Waller (Jun 11)
- Re: Laptop Allison Dolan (Jun 12)
- Re: Laptop Steven M Werby/FS/VCU (Jun 12)
- Re: Laptop Harold Winshel (Jun 12)
- Re: Laptop Basgen, Brian (Jun 12)
- Re: Laptop Spransy, Derek (Jun 12)
- Re: Laptop Sherry Callahan (Jun 12)
- Re: Laptop Sherry Callahan (Jun 12)
- Re: Laptop Kevin Shalla (Jun 12)
- Re: Laptop Sherry Callahan (Jun 12)
- Re: Laptop Nipper, Johnny R. (Jun 12)
- Re: Laptop KOVICH Greg (Jun 13)
- Re: Laptop Peters, Kevin (Jun 13)
- Re: Laptop Hugh Burley (Jun 13)