PaulDotCom mailing list archives

Enterprise Full Disk Encryption

From: arch3angel at gmail.com (Arch Angel)
Date: Wed, 5 Nov 2008 02:34:45 -0500

At my previous job we used PGP but where I am at now we use PointSec.  I
have not heard of any major issues with PointSec other than cost.  On my
personal stuff I use Truecrypt, but then again I may have as many systems as
a small business I don't have nearly 100 laptops...

I have 99 plus 1 parts one :) j/k

2008/11/5 Matt Lye <lyematt at gmail.com>

I actually like the idea of using keyfiles as opposed to passwords, using a
smaller password and a keyfile is easier that a large password. This
especially applies to encrypted volumes.

HOWEVER i do remember seeing a report that truecrypt was vulnerable to
someone running a ram scan after it had been shut down as it stored the
password/keyfile in ram for the duration of the session.

Someone with more experience may wish to contradict or support this.

You can do anything you set your mind to when you have vision,
determination, and and endless supply of expendable labor.

<No tree's were harmed during this transmission. However, a great number of
electrons were terribly inconvenienced>


2008/11/5 Kennith Asher <herrasher at gmail.com>

The solution xgermx mentions is precisely what we have done.  For a small

business solution working in a space with significant security requirements
and inadequate cash, TrueCrypt is probably the most reasonable solution.
(IMHO)  Just need to make sure that the PWs are both strong and workable for
the end user...


Ken



If we did end up using TrueCrypt, users would be assigned static passwords
(which the IT staff would have stored in and encrypted file). That would at
least eliminate people forgetting their password.



2008/11/4 Tim Krabec <tkrabec at gmail.com>:

Securitycatalyst.org/forums has a few topics on it.  I know several of

the people there have implemented or are implementing FDE on several

(50+) machines here is one of the threads

http://www.securitycatalyst.org/forums/index.php?topic=193.0 (you need

to be logged in)

On Tue, Nov 4, 2008 at 10:39 AM, xgermx <xgermx at gmail.com> wrote:

I'm getting bids from HP and Dell on laptops (about 100). Does anyone

have experience with their respective full disk encryption solutions?

The reps I've talked too (from both companies) can't really give me

the technical information that I want, and the information on both

websites is outdated (2007).

I've also considered going with TrueCrypt (I have the most experience

with this and it's free, but there's not a good way to centrally

manage it).

Your thoughts?

_______________________________________________

Pauldotcom mailing list

Pauldotcom at mail.pauldotcom.com

http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom

Main Web Site: http://pauldotcom.com

--

Tim Krabec

Kracomp

772-597-2349

smbminute.com

kracomp.blogspot.com

www.kracomp.com

_______________________________________________

Pauldotcom mailing list

Pauldotcom at mail.pauldotcom.com

http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom

Main Web Site: http://pauldotcom.com


_______________________________________________

Pauldotcom mailing list

Pauldotcom at mail.pauldotcom.com

http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom

Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com



_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20081105/fd5ec44b/attachment.htm

Current thread:

Enterprise Full Disk Encryption, (continued)
- - Enterprise Full Disk Encryption xgermx (Nov 04)
    - Enterprise Full Disk Encryption Adese (Nov 04)
    - Enterprise Full Disk Encryption Raffi Jamgotchian (Nov 04)
    - Enterprise Full Disk Encryption Bugbear (Nov 04)
    - Enterprise Full Disk Encryption Tim Krabec (Nov 04)
    - Enterprise Full Disk Encryption Chris Biettchert (Nov 04)
    - Enterprise Full Disk Encryption Frank Mileto (Nov 04)
- Enterprise Full Disk Encryption Chris Gerling (Nov 04)
- Enterprise Full Disk Encryption Kennith Asher (Nov 04)
  - Enterprise Full Disk Encryption Matt Lye (Nov 04)
    - Enterprise Full Disk Encryption Arch Angel (Nov 04)
    - Enterprise Full Disk Encryption xgermx (Nov 05)