.

Recommended Security/Encryption suite

<<

tux633k

Newbie
Newbie

Posts: 9

Joined: Sat Apr 10, 2010 9:50 pm

Post Wed Jun 30, 2010 7:27 pm

Recommended Security/Encryption suite

Hi I wasn't sure if I should post this topic here, but in any case I was wondering if anyone has any recommendations on an Encryption software suite to do it all - encryption/decryption, pwd mgmt, usb encryption etc.  I just don't want to break the bank so to speak.  I'd like for it to be affordable but I might be asking for too much already.  We're a small shop of about 100 employees but I may not need to encrypt everyone's system just those that deal with sensitive/confidential data.  From what I read I like the GuardianEdge software but I don't know how much this costs.

Thank you.
CEH, MCP, CSCS, CHP
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Thu Jul 01, 2010 7:25 am

Re: Recommended Security/Encryption suite

The problems you WILL run into will be the management of the suite and user-end training. An issues with simply allowing users to run their own "privacy suite" is when their employment comes to an end. What will you do if you don't have the ability to decrypt what an employee encrypted.

Imagine for a minute having a top scientist at your company. He discovers the cure for Foobalia a terminal disease. He's been taught to encrypt everything he does and does so. He passes away... He leaves for another job... He is arrested... *Something* happens where you need that data. What are you going to do. How much time and money will it cost you to attempt to recover that data.

Let's look at the alternative. 100 Employees. You will need to train them all, mandate they all use it, configure it, maintain it. So you think... "rescue disk!"

RD = Rescue Disks
M = Minutes

100(RD) * 20(M)  = 2000 / 60 = 33 hours to configure

There is a hidden slash un-thought-about cost factor here. You could (if properly) deploy a script to autodownload, install, back-up the program. However, there is still management and user-end training.

On the low end of the pricing spectrum there is Steganos which doesn't allow for *true* enterprise scalable configuration.
http://www.steganos.com/us/products/dat ... /overview/

Then there is something like Voltage (http://www.voltage.com/products/index.htm) where all is centralized including being able to send out emails where the receiver (even if they don't have say PGP) could decrypt. Key management is made simple so you don't run the risk of say rogue employees changing keys/pasphrases, etc.

Voltage at the end of say a 3-5 year lifespan will eventually come out cheaper via terms of configuration, deployment, usability not to forget that if someone leaves, you won't shoot yourself in the foot wondering whether or not your data is gone (encrypted beyond the point of no return)
<<

yatz

Full Member
Full Member

Posts: 222

Joined: Tue May 25, 2010 2:58 pm

Post Thu Jul 01, 2010 8:15 am

Re: Recommended Security/Encryption suite

I think a combination of Rights Management (RMS) and Bitlocker.  Again, it depends on your environment, but if you are running Windows then this kinda stuff comes with Vista/7 and Windows Server 2008.
"Live as though you would die tomorrow, learn as though you would live forever."

CCNA, MCSA, MCTS, Sec+, Net+, Linux+, CEH
<<

former33t

Full Member
Full Member

Posts: 226

Joined: Sat Feb 14, 2009 12:33 am

Post Tue Jul 06, 2010 6:38 pm

Re: Recommended Security/Encryption suite

I'm with Sil on using Voltage.  They simplify key management and data recovery, which will be your biggest concerns in any company of more than say five employees...  A truly stable PKI implementation for a company of your size will cost a LOT to deploy in terms of man hours. I have to assume that you have a full time job before trying to develop and deploy a PKI so something that is more or less plug and play is probably your best option (as it doesn't sound like you have enough people to justify a consultant to deploy the infrastructure for you.

Whatever you do, don't cut corners.  A bad PKI design likely makes your information MORE vulnerable.  People start to consider all critical information being encrypted as a mitigating factor for other vulnerabilities (which is really isn't).  Then people leave holes open that they wouldn't otherwise.  Bad situation all around.

Good luck.
Certifications: CREA, MCSE: Security, CCNA, Security+, other junk

Return to Compliance, Regulations &amp; Standards

Who is online

Users browsing this forum: No registered users and 2 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software