Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: dual password for file/folder encryption

From: chmod1777 () invalid-host name
Date: Tue, 16 Dec 2008 10:17:15 -0700
I would be reluctant to trust users to store their data in a certain folder only. We looked into encryption because 
we're a financial institution, mainly for laptops, and looked at many options. We decided to go with whole disk 
encryption simply because we simply couldn't trust human nature (users doing the right thing). The product that we 
chose was Mobile Armor.
http://www.mobilearmor.com/
 It is a client/server authentication model, and will allow a user to log in if off the network based off of their 
cached password. It syncs with AD, etc. It's basically a linux pre-boot environment, and allows us a back way in if we 
need to. It can be updated remotely, and is absolutely effortless to administer. The users complain about another 
login, but hey...  it keeps us out of the news ;)  Now we don't have to worry about if the end user did the right 
thing. If a laptop gets lost or stolen, it's basically junk. 

Kurt
Previous By Date Next
Previous By Thread Next

Current thread: