Sister CISA CISSP

Jan 5 2009   2:24PM GMT

Encrypting Company Laptops

Arian Eigen Heald Arian Eigen Heald Profile: Arian Eigen Heald

It is amazing to me that businesses are still issuing laptops to employees that do not have encryption. That being said, what do we mean when we say “the laptop is encrypted?”

There are three scenarios for encrypting portable computers:

1. Windows File Encryption
2. Third-party file, directory encryption software
3. Third-party whole disk encryption software

When you are making a decision on products to use, consider the following:

1. What level of encryption is the vendor stating? If the documentation says the algorithm is “proprietary,” throw it in the trash.

2. If the laptop is stolen, and there is a public announcement, is it going to sound better to say: “The whole disk was encrypted,” or, “They could get into the laptop because just some files were encrypted.” Consider your reputation risk.

3. If only files are encrypted, if I crack the password and get in as the user, does it automatically decrypt the files for me? Better check.

4. Can the software encrypt other items, like USB drives? Even better, if it does it automatically.

Don’t fall for the argument that disk encryption software is “too expensive.” What’s your reputation worth? Not only that, Trucrypt makes a GREAT free encryption product. For small business environments with 2 or 3 laptops, send them a donation and get going; it’s a great product.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: