Re: Laptop encryption experiences

[James Farr '05 <jfarr () UTICA EDU>]

We are just entering this world and are including hard drives and removable
media as this helps us with laptops and desktops.  The desktop may be
difficult to steal, but the flash drive they use is not. Our goal is to have
all drives and media encrypted by August 2011.
James Farr
Utica College

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of A. Harry Williams.
Sent: Monday, November 15, 2010 12:18 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Laptop encryption experiences

On 11/15/2010 11:32 AM, Alan Bowen wrote:
> At TCNJ, we've been in the alpha/pilot phase of a laptop full disk 
> encryption project for a very long time.  We are grappling with the 
> complexities and resource requirements for encrypting our entire 
> laptop inventory.  I'd like to know what types of parameters schools 
> use for a "litmus test" to determine if a given laptop needs to be 
> encrypted.  Also, data on the number of laptops that have been 
> encrypted over a time period, e.g. month or semester, would be very 
> useful.  Any extenuating circumstances or qualifiers outside of these 
> questions would be much appreciated as well.  Thanks.
>
> -Alan
> -- 
> Alan Bowen
> Manager of IT Security
> The College of New Jersey

Our litmus test is "Is it a laptop?".  We include netbooks in the mix.  
We made the case to senior management (it wasn't hard) that the cost of 
one loss of data clean up exceeded the cost of FDE for all laptops, not 
to mention cost to reputation.  We've even started doing FDE on some 
desktop computers that we consider potentially containing high value 
data, such as HR, payroll and health services.  We started several years 
ago, and did it as part of normal replacement.  We're at a point now 
where basically all laptops have FDE.

/ahw