Re: Laptop Encryption

[Zach Jansen <zjanse20 () CALVIN EDU>]

We ended up purchasing Utimaco and are in the process of implementing it now. The reason for going with a commercial 
product was the support issues of forgotten passwords and the possibility of needing to investigate a machine with 
encryption on it. With products such as truecrypt, if the password is lost then the machine and anything on it is 
toast, unless you manually touch every machine. With commercial products you'll have a method for recovering via a 
central console or administrative user. You'll also have the key stored centrally so if anything happens where the 
drive isn't bootable you can mount the drive from another machine and access any remaining data. 

Zach
-- 

Zach Jansen
Information Security Officer
Calvin College
Phone: 616.526.6776
Fax: 616.526.8550

> > > On 2/17/2009 at 8:06 PM, in message
<317311db0902171706p7947e65fk1ff88d388ffc17ac () mail gmail com>, Timothy Payne
<tpayne1 () MACALESTER EDU> wrote:
> Good Evening...
>
> We are starting to investigate enterprise encryption on College
> laptops, and eventually removeable drives.
>
> Can anyone share with the list their experiences with enterprise level
> encryption products?  I'm most interested in products that use some
> sort of 2-factor authentication...ie, a USB key required to boot and a
> password, or password/checksum combo.
>
> How do you deal with the inevitable user who loses their token or
> forgets their password?
>
> I've looked at Tru-Crypt and it does a really good job for me, but I
> don't think it will scale well to more than a handful of users.
>
> Thanks!
>
>
>
> Tim Payne, CISSP, CCNA
> Network Administrator
> Macalester College