Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Notebook policy (need advice)

from [Saqib Ali] Network Security [Permanent Link]
Subject: Re: Notebook policy (need advice)
Date: Tue, 23 Jan 2007 18:27:25 -0800 
1)The usual Anti-virus, anti-spyware etc.
2) Definitely use Full Disk Encryption. It covers you in case of
laptop theft or loss. It also satisfy California SB 1386. Thus a low
hanging fruit.
3) Policy based encryption (more details below)

More info on Policy based encryption:
As it turns out employees don't like their external storage device to
be "fully encrypted" or "blocked", and manually creating encrypted
vaults/folders on the device is too cumbersome and error prone. People
forget to save the files in the encrypted folder or create a backup in
the non-encrypted portion etc.

The alternative is to use encryption suites that provide policy based
encryption. Some examples:

Securewave Device Control (http://www.securewave.com/usb_security.jsp)
Credant (http://www.credant.com/content/view/219/152/)
Onigma 
(http://www.mcafee.com/us/enterprise/products/data_loss_prevention/index.html)
Pointsec (http://www.pointsec.com/products/removablemedia/)
DiskNet Pro (http://www.reflex-magnetics.com/products/disknetpro/)

These products only encrypt information bound for external storage
media from a protected system. Everything else remains decrypted.

Pointsec Media Encryption provides encryption for removable media by
policy such that all data added to the media bound data is encrypted.
A fully automatic encryption would cause issues for devices (e.g.
digital cameras and media players), where the media should be
readable, but if not modified (e.g. written back) then it should stay
clear text. That is why PME "only" encrypts data if it is being copied
from the company computer.

saqib
http://www.full-disk-encryption.net


On 1/23/07, Nicolas Arias <nicolas.arias@globant.com> wrote: 
Hi guys!, in my company we have a lot of notebooks, but theres no formal
security policy about them.

Can you tell me how do you handle this?

Do you give an local admin for the owner?, do you use full disk
encryption?, what about anti-virus and external scans?

Any idea is going to be really preciated.

Cheers!!




--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Highlighting weak password dangers, WALI
Next by Date:  Re: Port 8081 mystery, levinson_k
Previous by Thread:  Notebook policy (need advice), Nicolas Arias
Next by Thread:  RE: Notebook policy (need advice), Pranav Lal
Indexes:  [Date] [Thread] [Top] [All Lists]