Educause Security Discussion mailing list archives
Re: PGP WDE
From: "Tonkin, Derek K." <Derek_Tonkin () BAYLOR EDU>
Date: Fri, 27 Feb 2009 09:45:17 -0600
We made our initial purchase of, I think, 300 licenses before I was even hired here in December of '06 so we've got some grandfathered pricing. Of course we've bought additional licenses several times since then and each time the price has at least tried to go up. I can't comment on specific numbers but if you e-mail me off list I can get you in touch with the folks that can. -------------Baylor University------------- Derek Tonkin Information Security Analyst Information Technology Services - Security derek_tonkin () baylor edu 254-710-7061 ---------------Sic 'em Bears--------------- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Brad Sanford Sent: Friday, February 27, 2009 9:09 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] PGP WDE What kind of pricing were you able to negotiate with PGP? Brad Sanford Emory University On Fri, Feb 27, 2009 at 9:41 AM, Tonkin, Derek K. <Derek_Tonkin () baylor edu<mailto:Derek_Tonkin () baylor edu>> wrote: We've been rolling out PGP over the last two years and we are approaching 1000 users on campus. In our rollout I (or our installs group in the case of new computers) have actually personally installed PGP on each of those machines. This has a variety of scheduling challenges associated with it but it has the advantage of getting 20-30 minutes of one on one face time with users which we as the security group would not otherwise be afforded. During this time I have found out about a variety of unrelated issues users are dealing (or not dealing) with and we have found this time to be a worthwhile benefit. Our primary issues have been: * Expect to get a call at least every other day asking for a passphrase reset. This problem will be exacerbated if you install on a lot of desktops where users do not shut down regularly. Typically after MS patches roll out I get an increase in calls. We could alleviate this with some of the new PGP tools for administrative bypass but we'd rather force the users to remember their passphrase. * I've had one or two users complain that the passphrase requirement is to great and/or that having to remember another "password" is a major pain (we opted not to use Single Sign-On). * The logging capabilities have been greatly improved in recent releases making it easier to tell which machines are encrypted and if machines have had drive fault issues during encryption. * We have had a number of drive failures during disk encryption. We found that having users defragment their hard drives prior to encryption reduces failures and/or spots them before installation begins. PGP now does a better job of continuing to encrypt good blocks and skipping over bad blocks rather than hanging the encryption process as it had in the past. One last thing, remember that the PGP bootloader, at least last time I tried, does not support Bluetooth so Bluetooth keyboards will not work. Sorry for the long e-mail please feel free to contact me with any other questions you might have, -------------Baylor University------------- Derek Tonkin Information Security Analyst Information Technology Services - Security derek_tonkin () baylor edu<mailto:derek_tonkin () baylor edu> 254-710-7061 ---------------Sic 'em Bears--------------- _____________________________________________ From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of jeff murphy Sent: Thursday, February 26, 2009 10:53 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] PGP WDE * PGP Signed by an unverified key: 02/26/09 at 10:52:52 Related to the topic from earlier this week. I'd like to hear from anyone who has deployed PGP Whole Disk Encryption and/or NetShare along with Universal Server. We're looking at a few options, one of which is PGP, and I'm looking for real-world war stories regarding how your rollout and support went. We're looking at WDE for several hundred users, so the trial we did of a few desktops doesn't really give us enough information to get a feel for what the product will be like once deployed en masse. thanks, jeff * Jeffrey Murphy <jcmurphy () buffalo edu<mailto:jcmurphy () buffalo edu>> * Issuer: The USERTRUST Network - Unverified
Current thread:
- PGP WDE jeff murphy (Feb 26)
- <Possible follow-ups>
- Re: PGP WDE Todd Clementz (Feb 26)
- Re: PGP WDE Sealey, Adam L. (Feb 26)
- Re: PGP WDE Beechey, Jim (Feb 26)
- Re: PGP WDE Gary Flynn (Feb 27)
- Re: PGP WDE Tonkin, Derek K. (Feb 27)
- Re: PGP WDE Brad Sanford (Feb 27)
- Re: PGP WDE Mclaughlin, Kevin (mclaugkl) (Feb 27)
- Re: PGP WDE Tonkin, Derek K. (Feb 27)