[SATLUG] Drive Encryption

Brad Knowles brad at shub-internet.org
Fri May 25 11:38:27 CDT 2007 

On 5/25/07, Ernest de Leon wrote:

>                                               I am mainly concerned with our
>  mobile population.  Is it more logical to use whole drive encryption or to
>  use the containers to hold sensitive data on the laptops?  If a laptop is
>  lost or stolen, and someone with EnCase or any other forensic tools gets a
>  hold of that laptop, can they pull the sensitive data from the laptop?

This issue was actually addressed directly last night, at the IEEE 
Central Texas Section Consultants Network meeting for Austin, where 
we had Michael Allgeier (the Information Security Manager from LCRA) 
come in and talk to us on the topic of "Understand and Outwit 
Hackers".

IIRC, what it comes down to is that for mobile users, if you use full 
drive encryption, then how do you ensure that they are always fully 
patched and fully virus scanned?  When they log out, the drive is 
encrypted, and all the system management software you might have on 
that laptop is now unable to apply all the updates you might require. 
If you use volume encryption and ensure that all sensitive data is 
stored only on those volumes, then the system management software can 
at least keep the unencrypted parts up-to-date while the computer is 
turned on but the user is not logged in.

The page at <https://www.issa.org/Chapters/Chapter-Directory.html> 
says that his e-mail address is michael.allgeier at lcra.org, if you 
want to contact him directly.  If you're interested, you might be 
able to get him to give you a copy of the slides he used for his 
presentation last night, or maybe even come down there to give a talk 
at a future SATLUG meeting.


More about Michael, from the blurb that was put out before the meeting:

Michael Allgeier oversees the Lower Colorado River Authority's network
and telecommunications security, disaster recovery, and security
policies as the Information Security Manager. He is an active member of
INFRAGARD, ISACA, and is the past President and current vice-president
of the Capitol of Texas ISSA Chapter. Mr. Allgeier holds the CISSP, CISM,
NSA IAM, Security +, Linux + and other security and Information
Technology certifications.  He was a NERC Cyber Security Standards
drafting team member, which are the new security standards for the North
American electric grid.

-- 
Brad Knowles <brad at shub-internet.org>, Consultant & Author
LinkedIn Profile: <http://tinyurl.com/y8kpxu>
Slides from Invited Talks: <http://tinyurl.com/tj6q4>

09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

More information about the SATLUG mailing list