Educause Security Discussion mailing list archives

Re: Hard Disk Encryption Software

From: Chad McDonald <chad.mcdonald () GCSU EDU>
Date: Wed, 18 Jan 2006 16:56:00 -0500

We have used SecurStar's DriveCrypt Plus Pack (my preference) and Pdrive as
whole disk encryption tools.  DriveCrypt is a lot more user friendly and
transparent than Pdrive, but the last time I tried to buy it they were
having problems with their shopping cart on the website.  Other than a
different login screen you users will notice no difference with DriveCrypt.
It should be noted that both of these tools do NOT preclude the user from
emailing or copying data in an unencrypted format off of the mobile device.
You will need a strong set of policies and user education to combat that
issue.

Chad McDonald, CISSP
Chief Information Security Officer
Georgia College & State University
Phone   478.445.4473
Cell    478.454.8250
Fax     478.445.1202
Email   chad.mcdonald () gcsu edu

On 1/18/06 4:24 PM, "Jeff Giacobbe" <giacobbej () MAIL MONTCLAIR EDU> wrote:

Mike-

The commercial PGP package can do this (among many other useful
encryption/signing tricks.) Downside is that the price is, IMHO, quite
steep and they don't appear to offer a site license per se - just volume
discounts.

Personally I'm a fan of GnuPG for file and email encryption. It is inter
operable with the commercial PGP (proprietary algorithms not
withstanding) and the Enigmail plugin for Mozilla mail and Thunderbird
is great!  The latest version of Enigmail even includes a basic GUI for
key generation and management.

The downside to GnuPG is that the GUI tools for desktop file/directory
encryption are not at the same level as the commercial offering. I'm
sure others can weigh in on the various pros and cons of both solutions.

Regards,

Jeff Giacobbe
Director of Systems, Security, and Networking
Montclair State University


Mike Hanson wrote:

Hello

We are exploring using either full hard disk encryption or folder level
encryption for our mobile devices. I am curious what products others are
using and your experiences with the product.

We would like to make this added level of security more or less painless
for the end users if possible.

Thanks for your input.

Mike Hanson
The College of St. Scholastica
Duluth MN 55811


Chad McDonald, CISSP
Chief Information Security Officer
Georgia College & State University
Phone   478.445.4473
Cell       478.454.8250
Fax       478.445.1202
Email   chad.mcdonald () gcsu edu

Current thread:

Hard Disk Encryption Software Mike Hanson (Jan 18)
- <Possible follow-ups>
- Re: Hard Disk Encryption Software Brian Baas (Jan 18)
- Re: Hard Disk Encryption Software Jeff Giacobbe (Jan 18)
- Re: Hard Disk Encryption Software Chad McDonald (Jan 18)
- Re: Hard Disk Encryption Software Neil_Sachnoff (Jan 19)
- Re: Hard Disk Encryption Software Kees Leune (Jan 19)