Re: Product request - Enterprise whole disk encryption for laptops

[Roger Safian <r-safian () NORTHWESTERN EDU>]

At 01:34 PM 7/15/2006, Harold Winshel put fingers to keyboard and wrote:
> There might be actually two different issues in terms of protection
> against a breach.
>
> One, what is required in terms of not having a reportable event.
>
> Two, what is required to give you the level of protection you seek
> against breach, regardless of reportable event standards.

Absolutely.  FWIW, if you're looking to be squirlly on the
notification, I haven't seen any of the privacy/notification
laws that really spell out what encryption is.  Those that mention
it, often give an out on notification if you are using encryption.

It would appear to me that EFS, with all it's problems, would
fit the definition and provide that out.  Personally I think it
would be nice to be able to examine the facts of the case and
make decisions based on them, instead of having our hands tied
legislatively.


--
Roger A. Safian
r-safian () northwestern edu (email) public key available on many key servers.
(847) 491-4058   (voice)
(847) 467-6500   (Fax) "You're never too old to have a great childhood!"