Security Basics mailing list archives
RE: List of Full Disc Encryption products
From: "Sadler, Connie" <Connie_Sadler () Brown edu>
Date: Thu, 6 Jul 2006 15:35:08 -0400
I agree with Roger. Full drive encryption is not required for anything that isn't classified. At least I've never seen a requirement for it. Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC Director, IT Security, Brown University Box 1885, Providence, RI 02912 Office: 401-863-7266 -----Original Message----- From: Roger A. Grimes [mailto:roger () banneretcs com] Sent: Thursday, July 06, 2006 2:13 PM To: Saqib Ali Cc: security-basics Subject: RE: List of Full Disc Encryption products I don't want to argue semantics, but you're wrong. Pure and simple. Data's data. Program files and operating system files are not data. Data is stored in files. You can encrypt individual files and folders and still be in compliance with any federal mandate or guideline. There is NO mandate or guideline that says the entire drive must be encrypted. Again, encrypting hard drives are a good thing, but don't spread FUD. Let the facts speak for themselves. Encrypting the entire hard drive is one solution for protecting confidential files, but it isn't the only solution. And it certainly isn't the only one accepted by law or mandate. -----Original Message----- From: Saqib Ali [mailto:docbook.xml () gmail com] Sent: Thursday, July 06, 2006 12:28 PM To: Roger A. Grimes Cc: security-basics Subject: Re: List of Full Disc Encryption products On 7/5/06, Roger A. Grimes <roger () banneretcs com> wrote:
I don't believe your second sentence. Prove me wrong. What mandate says that full hard drive encryption is mandatory versus just encrypting the necessary files and folders? Give me the law and
subsection. OK. See: 1) http://digg.com/security/U.S._gov_t_mandates_laptop_security 2) http://www.whitehouse.gov/omb/memoranda/fy2006/m06-16.pdf Bullet #1 from the PDF reads: 1) Encrypt "all" data on mobile computers/devices which carry agency data unless the data is determined to be non-sensitive, in writing, by your Deputy Secretary or an individual he/she may designate in writing; So encrypting certain files on the laptop will NOT suffice. You have to encrypt "All Data". If you are NOT encrypting partial data on the device, you have to get an written exception from the Deputy Secretary. -- Saqib Ali, CISSP, ISSAP Support http://www.capital-punishment.net ----------- "I fear, if I rebel against my Lord, the retribution of an Awful Day (The Day of Resurrection)" Al-Quran 6:15 ----------- ------------------------------------------------------------------------ --- This list is sponsored by: SensePost Hacking, like any art, will take years of dedicated study and practice to master. We can't teach you to hack. But we can teach you what we've learned so far. Our courses are honest, real, technical and practical. SensePost willl be at Black Hat Vegas in July. To see what we're about, visit us at: http://www.sensepost.com/training.html ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- This list is sponsored by: SensePost Hacking, like any art, will take years of dedicated study and practice to master. We can't teach you to hack. But we can teach you what we've learned so far. Our courses are honest, real, technical and practical. SensePost willl be at Black Hat Vegas in July. To see what we're about, visit us at: http://www.sensepost.com/training.html ---------------------------------------------------------------------------
Current thread:
- Re: List of Full Disc Encryption products, (continued)
- Re: List of Full Disc Encryption products Alex Koh (Jul 07)
- Re: List of Full Disc Encryption products Ow Mun Heng (Jul 07)
- Re: List of Full Disc Encryption products Alex Koh (Jul 07)
- RE: List of Full Disc Encryption products Steve Armstrong (Jul 06)
- Re: List of Full Disc Encryption products Eric Furman (Jul 06)
- Re: List of Full Disc Encryption products Ow Mun Heng (Jul 06)
- Re: List of Full Disc Encryption products Ansgar -59cobalt- Wiechers (Jul 10)
- Message not available
- Re: List of Full Disc Encryption products Saqib Ali (Jul 06)
- RE: List of Full Disc Encryption products Roger A. Grimes (Jul 06)
- Re: List of Full Disc Encryption products Saqib Ali (Jul 06)
- RE: List of Full Disc Encryption products Roger A. Grimes (Jul 06)
- RE: List of Full Disc Encryption products Sadler, Connie (Jul 06)
- Re: List of Full Disc Encryption products Stephen John Smoogen (Jul 07)
- Re: List of Full Disc Encryption products Saqib Ali (Jul 06)
- RE: List of Full Disc Encryption products Roger A. Grimes (Jul 06)
- Re: List of Full Disc Encryption products Dereck Martin (Jul 07)
- RE: List of Full Disc Encryption products Roger A. Grimes (Jul 07)
- RE: List of Full Disc Encryption products Steve Armstrong (Jul 10)