Re: Full Disk - Media encryption

["Keller, Alex" <axkeller () STANFORD EDU>]

It is worth noting that while self-encrypting drives with pre-boot authentication offer offload for the encryption 
process (no notable performance penalty), if you plan to use them in conjunction with BitLocker or other OS level 
encryption schemes, there are a number of technical conditions that must be met, otherwise there will be no performance 
improvement (for example BitLocker on Windows 7 does not support the OPAL SED hooks),

http://www.trustedcomputinggroup.org/resources/commonly_asked_questions_and_answers_on_selfencrypting_drives

Best,
alex

Alex Keller
Information Technology
Stanford School of Engineering
axkeller () stanford edu  
(650) 736-6421

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Suljic, 
Nermin
Sent: Wednesday, June 05, 2013 1:39 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] (***POSSIBLE SPAM***) Re: [SECURITY] Full Disk - Media encryption

Consider using self-encrypting hard drives to improve performance and boot time.

Thanks,
Nermin

Sent from my Galaxy SIII



-------- Original message --------
From: "Shamblin, Quinn" <qrs () BU EDU>
Date: 06/05/2013 15:36 (GMT-06:00)
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] (***POSSIBLE SPAM***) Re: [SECURITY] Full Disk - Media encryption


We have been using SecureDoc from WinMagic.  (Despite the name it does support Macs)  (the solution was waaay less 
expensive than the competitors and it included a file and folder encryption as well as full disk encryption as part of 
the core price)

As with your solution, boot times are bad, it takes several minutes to get the machine up and running.  But once the 
core drivers are all decrypted and everything's up and running, we have no operational performance issues

Quinn R Shamblin
---------------------------------------------------------------------------------------------------------
Executive Director of Information Security, Boston University CISM, CISSP, former GCFA, PMP - O 617-358-6310  M 
617-999-7523 Contact me securely: https://securecontact.me/qrs () bu edu


-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of SCHALIP, 
MICHAEL
Sent: Wednesday, June 05, 2013 1:27 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] (***POSSIBLE SPAM***) RE: (***POSSIBLE SPAM***) Re: [SECURITY] Full Disk - Media encryption

What did the full disk encryption do to your boot times?  We're running Symantec Endpoint Encryption, and the 
management on the laptops is great - but the only real complaint that anyone has is the reeeeeeally long boot 
times....we've tried to trim them down, but - to little or no avail....

Just curious.....

Thanks,

Michael


-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of David 
Grisham
Sent: Wednesday, May 29, 2013 7:14 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: (***POSSIBLE SPAM***) Re: [SECURITY] Full Disk - Media encryption

UNM Hospitals has encrypted all laptops with McAfee MEE FDE. So I have a number of other units in the HSC.
Just upgraded to McAfee EPO and are looking forward to encrypting workstations with the autoboot component of the new 
version.

Cheers --grish
David D. Grisham
David Grisham, Ph.D.,  CISM, CRISC
Manager, IT Security,
UNM Hospitals, IT Division
Suite 3131
933 Bradbury Drive, SE
Albuquerque, New Mexico 87106
Ph: (505) 272-5657


> > > Jim Furstenbrg <JamesFurstenberg () FERRIS EDU> 5/29/2013 8:47 AM >>>
Looking for any advice and feedback on Vendor Solutions for Full Disk Encryption  (FDE) and Media Disk encryption (MDE).


We currently use Checkpoint -- however their new version E80.xx does not support  our Symantec 12.1, 12.2 etc  
anti-maleware endpoint solution -- so we are forced to seek another vendor for our encryption needs.

Checkpoint FDE/MDE was clunky and we have had lots of issues with it , so this is an opportunity for us.

I just wanted to see what folks have found success with and if there are any recommendations.





Thank you.

Jim Furstenberg |IT Security Analyst CISSP, C|EH

"In GOD we trust, all others bring data."    W. Edward Demmings
_________________________________________________________
Ferris State University  - National Security Agency Center of Excellence
330 Oak St  | Big Rapids, MI 49307
Office: 231.591.5335
Mobile: 231.645.5821
EFax: 888.396.6269
Technical support
or call 231-591-4822 local
or toll free 877-779-4822

--
This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.


--
This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.