Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: Looking for a laptop encryption policy for institutionally-owned laptops
From: "Gibson, Nathan J. (HSC)" <Nathan-Gibson () OUHSC EDU>
Date: Thu, 22 Mar 2007 11:13:29 -0500

As would I!
 
Thanks

--Nate

V/R,
Nathan J. Gibson, CISSP
Information Technology, Information Security Services
The University of Oklahoma Health Sciences Center
Rogers Building, Room 128
Office: (405) 271-2476
Fax: (405) 271-2181
Cell: TBD
http://it.ouhsc.edu/services/infosecurity


Confidentiality Notice
This e-mail, including any attachments, contains information from the University of Oklahoma Health Sciences Center, 
which may be confidential or privileged. The information is intended to be for the use of the individual or entity 
named above. If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the 
contents of this information is prohibited.
 
If you have received this e-mail in error, please notify the sender immediately by a "reply to sender only" message and 
destroy all electronic and hard copies of the communication, including attachments.

-----Original Message-----
From: Paul Keser [mailto:pkeser () STANFORD EDU] 
Sent: Thursday, March 22, 2007 10:54 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Looking for a laptop encryption policy for institutionally-owned laptops

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Nathaniel-

I would definitely like a copy or the link to it when it is available.

- -PaulK

HALL, NATHANIEL D. wrote:
I just finished doing some basic research on Vista's BitLocker
Drive Encryption using Active Directory.  It seems to be pretty
good, but I did not get down to the nitty gritty to see what I
could read on the drive.

By default, it uses AES 128 with a diffuser for encryption, the TPM
in most new computers or a USB key, and can be easily scripted.  I
find it is much better than EFS because it encrypts the entire
partition, including the page file, and not just a directory that
can easily be circumvented.

If you would like a link to my presentation, please let me know and
I will send you the link after I make it publicly available.

-- Nathaniel Hall, GSEC GCFW GCIA GCIH GCFA Network Security System
Administrator OTC Computer Networking

Office: (417) 447-7535

-----Original Message----- From: Ardoth Hassler
[mailto:hasslera () GEORGETOWN EDU] Sent: Thursday, March 22, 2007
10:08 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY]
Looking for a laptop encryption policy for institutionally-owned
laptops

Hi.... I'm in search of a sample policy that addresses encryption
of institutionally-owned laptops. Thanks in advance for sharing.

Ardoth

(Also posted this to the ICPL list so I apologize for the cross
post.)



- --
Paul Keser
Assoc. Information Security Officer
Stanford University
650.604.2186
GPG Fingerprint:  DBA3 E20F CE91 28AA DA1C  4A77 3BD9 C82D 2699 24FB
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGAqaZO9nILSaZJPsRAm/9AJ9KCCz2+a+W3fdXqpTPH/ra60ZjzQCeLq7+
wcW8n9AEPJ8XevH2Qzo+hm8=
=VRmM
-----END PGP SIGNATURE-----

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault