Educause Security Discussion mailing list archives
Re: Laptop encryption experiences
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Mon, 15 Nov 2010 17:20:31 -0500
On Mon, 15 Nov 2010 15:34:55 CST, Rich Graves said:
And don't forget that "suspend" or "hibernate" is *not* a power-off. This is particularly important for those laptop users who almost always suspend, and only actually power off or reboot every few months, if at all.If your encryption suite synchronizes passwords with login passwords, which is true of most; and if you effectively enforce a policy of lock-on-sleep; then I'm not sure how much real difference there is.
It's the not-locked-on-sleep case that will burn you. If you can use GPO or similar to *force* it, you're probably OK. The problem starts with laptops that are under the user's administrative control, not your centralized IT's control. Then the clever-sheep user has the opportunity to disable lock-on-sleep without realizing the full security ramifications... (Go ahead - admit it. You have users that would do that if they could)
Attachment:
_bin
Description:
Current thread:
- Laptop encryption experiences Alan Bowen (Nov 15)
- Re: Laptop encryption experiences Everett, Alex D (Nov 15)
- Re: Laptop encryption experiences Sherry Callahan (Nov 15)
- Re: Laptop encryption experiences Shahra Meshkaty (Nov 15)
- Re: Laptop encryption experiences randy marchany (Nov 15)
- Re: Laptop encryption experiences Valdis Kletnieks (Nov 15)
- Re: Laptop encryption experiences Tonkin, Derek K. (Nov 15)
- Re: Laptop encryption experiences SCHALIP, MICHAEL (Nov 15)
- Re: Laptop encryption experiences Rich Graves (Nov 15)
- Re: Laptop encryption experiences Valdis Kletnieks (Nov 15)
- Re: Laptop encryption experiences Allison F Dolan (Nov 16)
- Re: Laptop encryption experiences Mclaughlin, Kevin (mclaugkl) (Nov 16)
- Re: Laptop encryption experiences randy marchany (Nov 16)
- Re: Laptop encryption experiences Joel Rosenblatt (Nov 16)
- Re: Laptop encryption experiences Allison F Dolan (Nov 16)
- Re: Laptop encryption experiences Shahra Meshkaty (Nov 15)
- Re: Laptop encryption experiences Rich Graves (Nov 16)
- Re: Laptop encryption experiences Sherry Callahan (Nov 17)
- Database Encryption for HIPAA Patria, Patricia (Nov 18)
- Re: Laptop encryption experiences James Farr '05 (Nov 15)