PaulDotCom mailing list archives
Encryption/Protection for USB storage media
From: infolookup at gmail.com (infolookup at gmail.com)
Date: Sat, 16 May 2009 21:16:52 +0000
Thanks everyone for your response I will research ironkey. Sent from my Verizon Wireless BlackBerry -----Original Message----- From: Tim Mugherini <gbugbear at gmail.com> Date: Sat, 16 May 2009 14:30:06 To: PaulDotCom Security Weekly Mailing List<pauldotcom at mail.pauldotcom.com> Subject: Re: [Pauldotcom] Encryption/Protection for USB storage media I looked at several solitions a years ago and went with Ironkey for the aforementioned reasons. They also have an enterprise version with central policies and silver bullet functionality. We pair it up with device lock for usb and peripheral control. Which was only about 10 a node. Took all of a day to setup On 5/16/09, Jack Daniel <jackadaniel at gmail.com> wrote:
For a relatively painless solution, I'll join the IronKey chorus. It has the added bonus of being able to survive much more physical abuse than other USB drives. I, er, I mean Bob, says they might even survive a trip through the washing machine if the cap is on tight. As far as Bitlocker-to-go, this is a classic MS "innovation"- they get parts of it right and then drop the ball hard. Bitlocker-to-go is a great solution, one checkbox in GP and no more writing to unencrypted USB drives on your domain (several more places to control passphrase complexity, X.509 certs, backwards compat, etc). If you use a password/phrase you can open it (read-only) with XP/Vista machines, but they cannot write to it (that's default, can be set in GP). Note- if you use SmartCard or other X.509 cert. based auth, no backwards compatibility. Now the thud- it will only be available on Enterprise and Ultimate SKUs, not on Pro or any Home version. Enterprise is Volume licensing only, Ultimate will mostly be a retail software purchase. In other words, you are not likely to ever purchase a PC with Bitlocker-to-go enabled- if you want it you will pay again. And no, I have not tried to carve up the registry looking for a way to open Bitlocker, the pre-beta, beta and RCs I have used were all Ultimate. Jack -- ______________________________________ Jack Daniel, Reluctant CISSP http://twitter.com/jack_daniel http://blog.uncommonsensesecurity.com _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-- Sent from my mobile device _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Encryption/Protection for USB storage media infolookup at gmail.com (May 16)
- Encryption/Protection for USB storage media Jody & Jennifer McCluggage (May 16)
- Encryption/Protection for USB storage media Grecs (May 16)
- Encryption/Protection for USB storage media Jack Daniel (May 16)
- Encryption/Protection for USB storage media Tim Mugherini (May 16)
- Encryption/Protection for USB storage media infolookup at gmail.com (May 16)
- Encryption/Protection for USB storage media Jack Daniel (May 16)
- Encryption/Protection for USB storage media Ron Gula (May 16)
- Encryption/Protection for USB storage media Ron Gula (May 16)