.

Encryption

<<

scucci

Newbie
Newbie

Posts: 29

Joined: Mon Sep 15, 2008 10:55 am

Post Mon Oct 06, 2008 11:33 am

Encryption

I have a project to setup encryption for our workstations and remote users. We currently don't have all the machines we own in our domain and have many people working from remote sites. I've looked into Checkpoint PointSec, Credent, and Gurdian Edge. I'm going to review Utimaco, PGP and Safe Net this week.

Has anyone had any luck with any of these vendors? Any thoughts?

Matt
<<

shednik

Jr. Member
Jr. Member

Posts: 75

Joined: Thu Sep 11, 2008 7:30 am

Post Mon Oct 06, 2008 2:43 pm

Re: Encryption

Are you talking about full-disk encryption on your workstations and vpns from remote sites?? I was kind of confused as to which you meant.
CCNA, MCP, A+, N+

WIP: Masters of Infosec, CEH, & Mastering C
<<

dalepearson

Sr. Member
Sr. Member

Posts: 357

Joined: Thu Nov 09, 2006 10:03 am

Post Mon Oct 06, 2008 3:38 pm

Re: Encryption

I have had exposure to Credant, PGP and BeCrypt.
What you looking for in particular, perhaps we can help.
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Mon Oct 06, 2008 3:40 pm

Re: Encryption

Scucci,

I've only got limited experience as I've only used one of the products that you mention, and only from an end-user perspective. My employer recently rolled out CheckPoint PointSec, and I managed to get it to hose my laptop within a week. Hard-drive would not boot past the PointSec login, obviously HDD is encrypted, so recovering data was not possible. Thank goodness for good backup policies.

It seems the system didn't like being booted from a USB stick into BackTrack (disclaimr: may not have been the pen drive, however ran Windows [I know...], booted to Backtrack, back to Windows, dead box)

However, with the exception of my box, the system was successfully rolled out to many users without issue. Buyer beware, in this case backups and system restores covered my a$$.
<<

shednik

Jr. Member
Jr. Member

Posts: 75

Joined: Thu Sep 11, 2008 7:30 am

Post Mon Oct 06, 2008 8:32 pm

Re: Encryption

For full disk encryption we use SafeGaurd on all of our new machines being rolled out...I haven't been able to do much testing of how good the encryption is but it serves its purpose.
CCNA, MCP, A+, N+

WIP: Masters of Infosec, CEH, & Mastering C
<<

dalepearson

Sr. Member
Sr. Member

Posts: 357

Joined: Thu Nov 09, 2006 10:03 am

Post Tue Oct 07, 2008 3:40 pm

Re: Encryption

One thing I will add to this discussion, just incase it gets overlooked.
The objective here is to secure and safeguard the information on the device in the event of its loss or theft.

Also it is worth considering the approach you will take to this encrypted device in the event of a forensic investigation. If forensics is something your organisation has / or will require then it might be worth scoping this into the testing plan.

The last thing you want is an incident, and go to do a forensic investigation only to find no one knows how to proceed.

Just food for thought as it were.
<<

scucci

Newbie
Newbie

Posts: 29

Joined: Mon Sep 15, 2008 10:55 am

Post Wed Oct 08, 2008 2:49 pm

Re: Encryption

Sorry for the delay - We're currently looking into a few products for our end-points (workstations). The first phase we want to hit is the remote users with laptops. These users are our higheset risk of having the data lost of stolen.
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Sat Nov 01, 2008 6:23 pm

Re: Encryption

Don't forget about the Princeton attack on FDE:

http://citp.princeton.edu/memory/

This has the potential to reduce such measures to a "keep the honest folks out" level.

Return to Hardware

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software