|
Security Basics
mailing list archives
Re: dual password for file/folder encryption
From: chmod1777 () invalid-host name
Date: Tue, 16 Dec 2008 10:17:15 -0700
I would be reluctant to trust users to store their data in a certain folder only. We looked into encryption because
we're a financial institution, mainly for laptops, and looked at many options. We decided to go with whole disk
encryption simply because we simply couldn't trust human nature (users doing the right thing). The product that we
chose was Mobile Armor.
http://www.mobilearmor.com/
It is a client/server authentication model, and will allow a user to log in if off the network based off of their
cached password. It syncs with AD, etc. It's basically a linux pre-boot environment, and allows us a back way in if we
need to. It can be updated remotely, and is absolutely effortless to administer. The users complain about another
login, but hey... it keeps us out of the news ;) Now we don't have to worry about if the end user did the right
thing. If a laptop gets lost or stolen, it's basically junk.
Kurt
 By Date 
By Thread
Current thread:
- dual password for file/folder encryption, (continued)
|
Intro
