mailing list archives
Re: VA Loses another Hard Drive with data on 48,000 veterans
From: "Justin Ross" <RossJ () sddpc org>
Date: Tue, 06 Feb 2007 09:45:04 -0800
Unfortunate as it is, security has to have buy in from the top down. Which usually only happens once a vulnerability on
your network is exploited, and ends up costing the company (monetarily, reputation, or otherwise). Sometimes the only
thing we can do is CYA, and warn our users/bosses of the dangers, have them sign a document verifying they have been
told of the risks, and just let them do what they will. Sometimes you just can't protect people from themselves.
Having said that, we currently are looking into the following products:
Utimaco Safeguard Easy
PGP Whole Disk Encryption
All seem to be feature-rich, and perform well.
CCNA, CCSE, MCSE, CISSP
"Ed" <security () kdtc net> 2/5/2007 8:34:24 PM >>>
Saqib Ali wrote:
Associated Press is reporting that a portable hard drive belonging to
Veteran's Administration has been stolen. The Official Press Release
is available at the VA website.
This is something I'm glad I can keep track of here. This past
year alone has shown that it is easy to take things for granted
and expect things to stay where they are, when in fact, one
shouldn't. Unfortunately, I seem to be one of these people
who have gotten a 'little slack' in terms of maintaining a
secured network. (Can never get my point across to users
and bosses on security issues. They never seem to understand that
P2P and Skype really don't really belong in a corporate
environment. The only consideration is 'low cost' and
Anyway, there's certainly a plethora of solutions for encryption(whole
disk or otherwise). Does anyone here have any good suggestions?
So far, I'm looking at PGP Whole Disk and it looks promising.