RE: Encrytped USB Key quick win solution‏

["Paul Jenkins" <pjenkins () dsci com>]

At last years GovSec/Fose there were numerous solutions for exactly what you are describing most had hardware 
encryption on the USB key, and they also has solutions for encryption key management to include a master(admin) key for 
the eventuality that a DFO loses the password for it. To bad I forget the products, left all the literature at my last 
job.

Though it's missing the key management I love my Cruiser Titanium, it uses U3 and hardware encryption, with no admin 
level access needed. However most of the places I work now forbid such devices, and have disabled autorun on USB.

Good luck.  

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Secure Net
Sent: Wednesday, September 30, 2009 5:12 PM
To: security-basics () lists securityfocus com
Subject: Encrytped USB Key quick win solution‏


Hi,

I'm working in a large enterprise that will look next year for an "enterprise class solution" that can handle all the 
life cycle of USB key that use encryption.

But now, we have to find a quick win solution that we can put in production shortly with a limited budget.

I personally used Truecrypt for several years but here the reason why I don’t want to use it for an enterprise solution:

1-If the user lost the password of his USB key, you are dead
2-If the user go on a computer that don't already have Truecrypt installed, you need administrative privilege

I did some search and I tried FreeOTFE (http://www.freeotfe.org/)

It does what I wanted to:

1-Technical Support will be able to create a backup key before giving the USB key to the user. So they will be able to 
recover the data if the user lost his password.
2-There is a utility called FreeOTFE Explorer that can open the encrypted volume on the USB Key in the case you don't 
have administrative privilege on the computer. The app is not very quick but it seems to do the job.

My question is: Did someone had any bad experience with this app? If yes, did you find a better one that did the things 
I mentioned before and was working fine?

Thanks

JEP                                       
_________________________________________________________________
Avec Windows Live, vous gardez le contact avec tous vos amis au même endroit.
http://go.microsoft.com/?linkid=9660830

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------