Full Disc Encryption use and implementation strategy Discussion Forum

["Saqib Ali" <docbook.xml () gmail com>]

In the light of recent laptops theft and data security breaches, large
corporations, educational and government institutions are looking at
various Full Disc Encryption (FDE) solution to protect their
confidential data on
mobile devices. While it may be easy to choose and implement a Full
Disk Encryption in a small office, it is not the case with large
institutions. These institutions are struggling with the design and
architecture of the FDE and key management solutions. The design has
to account for the key management solution in case of accidental
destruction of the encryption key or employee leaving the company
without handing over the encryption tokens/keys. The design also has
to account for requirements for proper imaging of the HDD in case the
OS and all the data have to be revived to its original form. Hardware
Token and USB Key as a mean of authentication is also a point of
discussion.

There are multiple tools available in the market that allow for full
disk encryption. However they vary greatly. They are divided into two
main categories – hardware based and software based. The hardware
based full disk encryption solutions are considerably faster than the
software based solutions, and usually produce no overhead for the CPU
or the HDD. The software based solutions, while inexpensive, create
considerable overhead for the CPU depending on the type of encryption
used.

A limited number of full disk encryption solutions also support
Trusted Platform Module to tie the encrypted HDD to a particular
platform. TPM can make the key recovery possible and simplify single
sign on.

To address the questions and concerns mentioned above I have decided
to create a mailing list dedicated to Full Disk Encryption Technology
and Key Management solutions.

To subscribe, please email fde-subscribe () www xml-dev com
or visit:
http://www.xml-dev.com/mailman/listinfo/fde

("This is a Ad-Free Mailing List, so please DO NOT join if you only want
to advertise your products"). Also please DON'T inquire about adding
Ads to footer of the email.

Vendors are welcome to join if they bring constructive feedback to the
discussion.

This mailing list will be moderated for all new members.

Thanks
Saqib Ali


--
Saqib Ali, CISSP, ISSAP
Support http://www.capital-punishment.net
-----------
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15
-----------


--
Saqib Ali, CISSP, ISSAP
Support http://www.capital-punishment.net
-----------
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15
-----------

-------------------------------------------------------------------------
Sponsored by: Watchfire

Today's hackers exploit web applications to expose, embarrass and even
steal. Firewalls and SSL may be commonplace but recent studies indicate 3
out of 4 websites remain vulnerable to attack. Watchfire's "Addressing
Challenges in Application Security" whitepaper explains what to do and
provides a guideline to improving your own application security.
Download this whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008Vmw
--------------------------------------------------------------------------