Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Laptop encryption experiences

From: randy marchany <marchany () VT EDU>
Date: Tue, 16 Nov 2010 13:37:18 -0500
Alison, you hit on my point about FDE? Is it really compliance? It seems to
me that FDE complies with the MA law only if the laptop is powered off. Does
FDE comply when you're using the computer? Not familiar with the MA wording
so that's why I'm asking. Do you need some other encryption tool (truecrypt,
PGP Netshare, GPG, etc.) to be compliant when the machine is in use?

-r.

On Tue, Nov 16, 2010 at 7:29 AM, Allison F Dolan <adolan () mit edu> wrote:


Rich - one reason to consider FDE is compliance related - in Massachusetts,
there is a regulatory requirement to encrypt personal data on laptops (and
other portable devices)  and in other states, if the lost/stolen laptop has
been encrypted, then you don't need to notify

......Allison  Dolan (617-252-1461)
Previous By Date Next
Previous By Thread Next

Current thread: