Educause Security Discussion
mailing list archives
Re: Looking for a laptop encryption policy for institutionally-owned laptops
From: Paul Keser <pkeser () STANFORD EDU>
Date: Thu, 22 Mar 2007 08:54:02 -0700
-----BEGIN PGP SIGNED MESSAGE-----
I would definitely like a copy or the link to it when it is available.
HALL, NATHANIEL D. wrote:
I just finished doing some basic research on Vista's BitLocker
Drive Encryption using Active Directory. It seems to be pretty
good, but I did not get down to the nitty gritty to see what I
could read on the drive.
By default, it uses AES 128 with a diffuser for encryption, the TPM
in most new computers or a USB key, and can be easily scripted. I
find it is much better than EFS because it encrypts the entire
partition, including the page file, and not just a directory that
can easily be circumvented.
If you would like a link to my presentation, please let me know and
I will send you the link after I make it publicly available.
-- Nathaniel Hall, GSEC GCFW GCIA GCIH GCFA Network Security System
Administrator OTC Computer Networking
Office: (417) 447-7535
-----Original Message----- From: Ardoth Hassler
[mailto:hasslera () GEORGETOWN EDU] Sent: Thursday, March 22, 2007
10:08 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY]
Looking for a laptop encryption policy for institutionally-owned
Hi.... I'm in search of a sample policy that addresses encryption
of institutionally-owned laptops. Thanks in advance for sharing.
(Also posted this to the ICPL list so I apologize for the cross
Assoc. Information Security Officer
GPG Fingerprint: DBA3 E20F CE91 28AA DA1C 4A77 3BD9 C82D 2699 24FB
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v18.104.22.168 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----