Educause Security Discussion mailing list archives
Re: Laptop encryption experiences
From: randy marchany <marchany () VT EDU>
Date: Mon, 15 Nov 2010 13:36:40 -0500
I've mentioned this before but it seems appropriate to mention again since this thread has reappeared. 1. Whole disk encryption (WDE) aka Full Disk Encryption (FDE) only protects your data if a) the system has been powered off b) an unauthorized person is trying to boot up your system c) someone steals the drive & is trying to boot it up. 2. WDE/FDE will not protect your sensitive data if an application or user is able to access your "sensitive" files. This means you have to carefully control the read/write/modify/delete permissions on your files. If you download a piece of malware and it executes, it will run with your perms and will be able to access any of the files you can access. Web based malware (code that gets downloaded and executed on your system) is the major threat vector. Does this mean you shouldn't use it? No, it's still a very important component. However, you do need additional encryption controls to really ensure you're protecting the sensitive files on your computer. I have some more thoughts on this at http://randymarchany.blogspot.com/2010/05/securing-sensitive-data-issues.html Just my .02. Randy Marchany VA Tech IT Security Office & Lab
Current thread:
- Laptop encryption experiences Alan Bowen (Nov 15)
- Re: Laptop encryption experiences Everett, Alex D (Nov 15)
- Re: Laptop encryption experiences Sherry Callahan (Nov 15)
- Re: Laptop encryption experiences Shahra Meshkaty (Nov 15)
- Re: Laptop encryption experiences randy marchany (Nov 15)
- Re: Laptop encryption experiences Valdis Kletnieks (Nov 15)
- Re: Laptop encryption experiences Tonkin, Derek K. (Nov 15)
- Re: Laptop encryption experiences SCHALIP, MICHAEL (Nov 15)
- Re: Laptop encryption experiences Rich Graves (Nov 15)
- Re: Laptop encryption experiences Valdis Kletnieks (Nov 15)
- Re: Laptop encryption experiences Allison F Dolan (Nov 16)
- Re: Laptop encryption experiences Mclaughlin, Kevin (mclaugkl) (Nov 16)
- Re: Laptop encryption experiences randy marchany (Nov 16)
- Re: Laptop encryption experiences Joel Rosenblatt (Nov 16)
- Re: Laptop encryption experiences Allison F Dolan (Nov 16)
- Re: Laptop encryption experiences Shahra Meshkaty (Nov 15)