Educause Security Discussion mailing list archives
Re: "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops
From: "Eric C. Lukens" <eric.lukens () UNI EDU>
Date: Wed, 15 Sep 2010 14:01:33 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I found Bitlocker cumbersome for Windows Vista, but much better in Windows 7. Unfortunately, the users must have the Enterprise or Ultimate editions, which most home users will not have. In Windows 7 they don't have to partition the drive themselves. The difficult part is enabling the TPM chip, which is often disabled by the computer manufacturer in the BIOS. If Bitlocker is not available (or even if it is), TrueCrypt certainly is plenty good. Just make sure the users know not to cascade multiple ciphers for their full disk encryption--that'll slow things a little too much. Also, you can backup the header of a TrueCrypt volume (full disk or otherwise) and then change the password on the TrueCrypt volume to the user's choice. You'll then have a backup header that can be restored with a known password (see the "Restore Volume Header" section at http://www.truecrypt.org/docs/?s=program-menu). Remember to use this knowledge for good, not evil. - -Eric - -------- Original Message -------- Subject: Re: [SECURITY] "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops From: Dr. Wole Akpose <wole.akpose () MORGAN EDU> To: SECURITY () LISTSERV EDUCAUSE EDU Date: 9/15/2010 1:05 PM
Mac comes with whole disk encryption. It's easy to use - Available through "System Preference -> Security" Window's BITLOCKER is a bit cumbersome, but PGP Whole Disk works well with Windows PCs. But I will always advice that such efforts be done with some organization oversight and support. So an enterprise deployment of bit-locker or PGP enterprise will ensure that you can easily recovery lost keys, in the event users forget that paraphrase/password for the whole disk encryption tool. Something to think about. Wole Akpose. CISSP, CGEIT, D.Eng Planning & Information Technology Morgan State University 1700 E. Cold Spring Lane Baltimore, MD 21251. p. 443.885.1850 / 443.885.3732 f. 443.885.8304 /443.885.8211 -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Chris Kidd Sent: Wednesday, September 15, 2010 1:22 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops Does anyone have a list of hard disk encryption software suitable for end-users' personal Windows or Mac based PCs and laptops (i.e. relatively easy to use given no support will be provided by the organization)? Thanks in advance, Chris Chris Kidd Information Security and Privacy Office University of Utah 650 Komas Drive, Suite 102 Salt Lake City, UT 84108 Office: 801.587.9241 Cell: 801.747.9028 chris.kidd () utah edu http://www.secureit.utah.edu
- -- Eric C. Lukens IT Security Policy and Risk Assessment Analyst ITS-Network Services Curris Business Building 15 University of Northern Iowa Cedar Falls, IA 50614-0121 319-273-7434 http://www.uni.edu/elukens/ http://weblogs.uni.edu/elukens/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyRGA0ACgkQN+w4PqsMNp2/9QCfePz0DXEzVyfxKLHlJShSufoF 7OcAoIK0UyZf+6WzpomM7oAfvrghLwv7 =BHjJ -----END PGP SIGNATURE-----
Current thread:
- "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops Chris Kidd (Sep 15)
- Re: "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops SCHALIP, MICHAEL (Sep 15)
- Re: "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops Anthony Maszeroski (Sep 15)
- Re: "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops King, Ronald A. (Sep 16)
- Re: "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops Brad Bickford (Sep 15)
- Re: "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops Roger Safian (Sep 15)
- Re: "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops Alex Keller (Sep 15)
- Re: "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops Dr. Wole Akpose (Sep 15)
- Re: "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops Alex Keller (Sep 15)
- Re: "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops Eric C. Lukens (Sep 15)
- Re: "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops Rich Graves (Sep 16)
- <Possible follow-ups>
- Re: "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops Eric Jernigan (Sep 16)
- Re: "Stand Alone" Hard Disk Encryption for Home/Personal PCs and Laptops SCHALIP, MICHAEL (Sep 15)