Re: Full Disk - Media encryption

["Santabarbara, Angelo" <asantabarbara () SIENA EDU>]

We played around a bit with Truecrypt and it worked well. We stored the
passwords in a KeePass database. At the same time we were testing MS
Bitlocker and liked the way it is tied into AD so we decided on Bitlocker
for all our notebooks. As long as your notebooks have a TPM processor, the
performance hit is not noticeable.
On May 30, 2013 10:40 AM, "Kimberly Heimbrock" <heimbrockk () nku edu> wrote:

> We have been using MS Bitlocker since 2010 on all laptops. Recently added
> use for thumb drives (on a request-only basis). Keys are stored within AD,
> easily retrieved.  Issues occur at times with malware and viruses, but have
> not had many issues related to the encryption process itself or key
> retrieval.   Most users are completely unaware of the encryption.  We are
> working toward MBAM (console management) and would really like extending it
> to portable storage devices.
>
> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv [mailto:
> SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Bohlk, Christopher J.
> Sent: Thursday, May 30, 2013 10:32 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] Full Disk - Media encryption
>
> Hi All,
>
> I was wondering if anyone is using TrueCrypt to encrypt their laptops with
> FDE?  If so, how are you handling password management if a user forgets
> their password?  Are you storing the these passwords in a secure location
> where administrators can retrieve them if needed?
>
> Thanks,
> Chris
>
> Chris Bohlk, CISSP
> Pace University
> Information Security Officer
> Information Technology Services (ITS)
> 235 Elm Road, West Hall 212A
> Briarcliff Manor, NY 10510
>
> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv [mailto:
> SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of David Grisham
> Sent: Wednesday, May 29, 2013 9:14 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] Full Disk - Media encryption
>
> UNM Hospitals has encrypted all laptops with McAfee MEE FDE. So I have a
> number of other units in the HSC.
> Just upgraded to McAfee EPO and are looking forward to encrypting
> workstations with the autoboot component of the new version.
>
> Cheers --grish
> David D. Grisham
> David Grisham, Ph.D.,  CISM, CRISC
> Manager, IT Security,
> UNM Hospitals, IT Division
> Suite 3131
> 933 Bradbury Drive, SE
> Albuquerque, New Mexico 87106
> Ph: (505) 272-5657
>
>
> > > > Jim Furstenbrg <JamesFurstenberg () FERRIS EDU> 5/29/2013 8:47 AM >>>
> Looking for any advice and feedback on Vendor Solutions for Full Disk
> Encryption  (FDE) and Media Disk encryption (MDE).
>
>
> We currently use Checkpoint -- however their new version E80.xx does not
> support  our Symantec 12.1, 12.2 etc  anti-maleware endpoint solution -- so
> we are forced to seek another vendor for our encryption needs.
>
> Checkpoint FDE/MDE was clunky and we have had lots of issues with it , so
> this is an opportunity for us.
>
> I just wanted to see what folks have found success with and if there are
> any recommendations.
>
>
>
>
>
> Thank you.
>
> Jim Furstenberg |IT Security Analyst CISSP, C|EH
>
> "In GOD we trust, all others bring data."    W. Edward Demmings
> _________________________________________________________
> Ferris State University  - National Security Agency Center of Excellence
> 330 Oak St  | Big Rapids, MI 49307
> Office: 231.591.5335
> Mobile: 231.645.5821
> EFax: 888.396.6269
> Technical support
> or call 231-591-4822 local
> or toll free 877-779-4822