Security Basics mailing list archives
Re: Laptop - Full Disk Encryption?
From: rohnskii () gmail com
Date: 18 Oct 2007 02:33:51 -0000
What audit has "revealed" that data security is not strong if data is not stored locally? Laptop security guidelines - Enable BIOS password (you already know that - Use Windows "user" level accounts for daily work - Windows Password protect all Accounts - but don't rely on only windows account password protection. It is adequate to keep honest people out, but if a bad guy has possession of a Windows PC/Laptop they can break into/reset password in less than 5 minutes! - create password reset disks - make sure password complexity is enforced or required (Upper & lower case letters, numbers, special char) - make passwords longer than 8 char whenever possible - if at all possible, separate data from PC. Preferably by keeping it on corporate servers, making sure that connection to server is encrypted (ie SSL). If data is kept on a USB device, make sure it is encrypted. And by policy require that users do not store the data key in the laptop bag. - use 3rd party software to encrypt whole disk (other replies have given examples). Remember that Windoze may store your data in many places other than the original data file, ie temp files and Windows swap file, Windows hibernation file, deleted files in recyle bin, deleted file fragments - you may also want to use secure file deletion utilities that overwrite deleted files multiple times using various algorithms
Current thread:
- Laptop - Full Disk Encryption? fac51 (Oct 17)
- RE: Laptop - Full Disk Encryption? William.Colson (Oct 17)
- RE: Laptop - Full Disk Encryption? Jason Gifford (Oct 17)
- RE: Laptop - Full Disk Encryption? JD Brown (Oct 17)
- Re: Laptop - Full Disk Encryption? J-Michael Roberts (Oct 17)
- Re: Laptop - Full Disk Encryption? Johnny Wong (Oct 17)
- RE: Laptop - Full Disk Encryption? Dias, Tiago Filipe (PT - Lisbon) (Oct 17)
- Re: Laptop - Full Disk Encryption? Rich Borroff (Oct 17)
- Re: Laptop - Full Disk Encryption? Rich Borroff (Oct 17)
- Re: Laptop - Full Disk Encryption? Ali, Saqib (Oct 18)
- <Possible follow-ups>
- Re: Laptop - Full Disk Encryption? rohnskii (Oct 18)
- RE: Laptop - Full Disk Encryption? William.Colson (Oct 17)