Educause Security Discussion mailing list archives
Re: Encrypted Thumbdrives
From: Richard Hopkins <Richard.Hopkins () BRISTOL AC UK>
Date: Tue, 22 Apr 2008 12:10:22 +0100
<1915881044-1208550999-cardhu_decombobulator_blackberry.rim.net-1544017987- () bxe119 bisx prod on.blackberry> A<480CC808.3010605 () doit wisc edu> <3B90EA2727B44B4BB6B09267749DD1F65048AB () EXCHANGEVS-02 ad wsu edu> Originator-Info: login-token=Mulberry:01k3fDjPbaNfbGuDz2wfnd8PXL2Tmv0wXt8e7Q4TywwfalOPc=; token_authority=postmaster () bristol ac uk X-Mailer: Mulberry/4.0.8 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-WatchGuard-IPS: message checked X-WatchGuard-Spam-ID: str=0001.0A090205.480DC7A0.001D,ss=1,fgs=0 X-WatchGuard-Spam-Score: 0, clean; 0, no virus X-WatchGuard-Mail-Client-IP: 137.222.10.112 X-WatchGuard-Mail-From: Richard.Hopkins () bristol ac uk X-WatchGuard-Mail-Recipients: SECURITY () LISTSERV EDUCAUSE EDU Computerworld recently (March 3rd) published a review of 7 secure USB=20 drives: <http://www.computerworld.com/action/article.do?command=3DprintArticleBasic&= articleId=3D9062527> Their conclusion was: "Overall, however, the IronKey's numerous security features --=20 hardware-based encryption, random password generator, two-factor=20 authentication, secure Web browsing, and self-destruct mechanism -- along=20 with its longer-life, single-level cell NAND memory, put it over the top as = the highest quality, most secure drive of the bunch." (I've been using one for a few months.) Richard --On 21 April 2008 13:47 -0700 "Avdagic, Indir" <indir_avdagic () WSU EDU>=20 wrote:
We are using Kingston's Data Traveler Secure USB Flash drives that secures data on-the-fly via 256-bit hardware-based AES encryption. These drives are a little bit slow when handling a bigger number of files. __________________________________ Indir=C2=A0Avdagic, CISSP, ACSA, TICSA Network Security Engineer Washington State University=C2=A0 indir_avdagic () wsu edu Phone:=C2=A0(509) 335-3279 http://infotech.wsu.edu/security/=C2=A0 =C2=A0 -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jesse Thompson Sent: Monday, April 21, 2008 10:00 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Encrypted Thumbdrives James M. Dutcher - VP IS/IT & CIO wrote:Charles, Best open source - TrueCrypt Best vendor solution - IronKeyI agree with this, but you should also distinguish between hardware vs software encryption. Data encrypted with software-based encryption (e.g truecrypt) is subject to offline attacks, so it could be broken with enough computing power. Data encrypted with hardware-based, or hardware-protected-software-based encryption (e.g. ironkey) in theory cannot be subjected to brute force attacks. Having said that, I personally use truecrypt on a standard 1GB usb drive. JesseMy two cents worth Regards, Jim Dutcher - VP IS/IT & CIO - SUNY Orange Sent from my Verizon Wireless BlackBerry -----Original Message----- From: "Bombard, Charles L" <Charles.Bombard () CCV EDU> Date: Fri, 18 Apr 2008 16:18:58 To:SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Encrypted Thumbdrives Have you looked at a particular product? Have one you really like? I am wondering what other people have found in looking at USB thumbdrives that have built in encryption and/or have utilized software based encryption such as truecrypt that can be included on the drives un-encrypted area. I am currently demo'ing a SafeStick Business edition thumbdrive. I will be looking at a truecrypt solution too. I thought there had been a discussion about this a while back but I could not find it in the archives. Any thoughts/suggestions are appreciated. -Charlie =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Charles Bombard, GSEC LAN/Systems Administrator Community College of Vermont 119 Pearl Street Burlington, VT 05401 802.657.4234 <mailto:bombardc () ccv edu> bombardc () ccv edu PRIVACY & CONFIDENTIALITY NOTICE: This message is for the designated recipient only and may contain privileged, confidential, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of an email received in error is prohibited.
Richard Hopkins Information Services University of Bristol
Current thread:
- Encrypted Thumbdrives Bombard, Charles L (Apr 18)
- <Possible follow-ups>
- Re: Encrypted Thumbdrives Stephen Gill (Apr 18)
- Re: Encrypted Thumbdrives Bradley, Stephen W. Mr. (Apr 18)
- Re: Encrypted Thumbdrives James M . Dutcher - VP IS/IT & CIO (Apr 18)
- Re: Encrypted Thumbdrives Mike Hanson (Apr 18)
- Re: Encrypted Thumbdrives Paul Keser (Apr 18)
- Re: Encrypted Thumbdrives Michael Sana (Apr 18)
- Re: Encrypted Thumbdrives Gary Flynn (Apr 21)
- Re: Encrypted Thumbdrives Jesse Thompson (Apr 21)
- Re: Encrypted Thumbdrives Avdagic, Indir (Apr 21)
- Re: Encrypted Thumbdrives Richard Hopkins (Apr 22)
- Re: Encrypted Thumbdrives Brenda B Gombosky (Apr 22)