Educause Security Discussion mailing list archives
Re: Laptop Encryption
From: Wes Young <wcyoung () BUFFALO EDU>
Date: Wed, 18 Feb 2009 06:20:12 -0500
We're in the process of investigating right now. We've been looking at the native solutions (file-vault, bitlocker, efs). Right now it seems like Commercial PGP seems to be the front runner. We're looking at the differences between that and truecrypt, which is a great solution, but the PGP commercial package looks better for enterprise key recovery, management, etc... Downloading the PGP demo is simple and easy to install (compared to other commercial products we were looking at). On Feb 17, 2009, at 11:16 PM, Valdis Kletnieks wrote:
On Tue, 17 Feb 2009 19:06:05 CST, Timothy Payne said:Can anyone share with the list their experiences with enterprise level encryption products? I'm most interested in products that use some sort of 2-factor authentication...ie, a USB key required to boot and a password, or password/checksum combo. How do you deal with the inevitable user who loses their token or forgets their password?Also consider the case of a stolen laptop - what are the chances the USB key is in the laptop bag? At that point, it's not 2-factor any more. And then you need to ask yourself - 'What threat model does that second factor actually protect me against?'. Remember that *most* 2-factor auth is intended to protect you against "keystroke logger sniffs password, attacker comes in over Internet from 9 time zones away" (because then they have "something they know", but can't supply "something they have" or "something they are" *because* they're 9 time zones away...).
-- Wes http://claimid.com/wesyoung
Attachment:
smime.p7s
Description:
Current thread:
- Laptop Encryption Timothy Payne (Feb 17)
- <Possible follow-ups>
- Re: Laptop Encryption Gary Dobbins (Feb 17)
- Re: Laptop Encryption Valdis Kletnieks (Feb 17)
- Re: Laptop Encryption Wes Young (Feb 18)
- Re: Laptop Encryption James Farr '05' (Feb 18)
- Re: Laptop Encryption Gary Flynn (Feb 18)
- Re: Laptop Encryption Zach Jansen (Feb 18)
- Re: Laptop Encryption Gregg, Christopher S. (Feb 18)
- Re: Laptop Encryption Warner, David F (Feb 18)
- Re: Laptop Encryption Basgen, Brian (Feb 18)