Stuart
I suggest you take a look at something like PGP [www.pgpi.com] which
will enable users to individually encrypt sensitive folders/files, or a
whole disk if they desire - although it is unlikely (and not very
practical) that you would want or need to encrypt the whole disk. In
practice a user would encrypt a folder/file after use, ready for that
all too frequent car break-in. In the rare event that the user comes
back to the car and finds the laptop in situ, then they can simply
decrypt the folder/file the next time they wish to access it. I suggest
the only downside to this is the distinct possibility of a user losing
his/her pass-phrase, in which case the file is unrecoverable [users will
therefore have to ensure frequent synchronicity of data files between
the laptop and their desktop machines]. PGP also has a very nice disk or
file cleaning feature which uses repeated encryption to render obsolete
files unrecoverable and therefore a very much safer option than simple
deletion.
Regards,
Mike
--------------------------------------------
Mike Taylor, Project Manager
DELTA Project
The University of Manchester
188 Oxford Road, Manchester M13 9GP
t: 0161 2757330
f: 0161 2758333
e: [log in to unmask]
--------------------------------------------
DELTA - "Delivering the Electronic Learning
and Teaching Advantage"
http://www.delta.man.ac.uk
--------------------------------------------
> -----Original Message-----
> From: This list is for those interested in Data Protection
> issues [mailto:[log in to unmask]] On Behalf Of
> Cashmore, Stuart
> Sent: 06 December 2001 09:42
> To: [log in to unmask]
> Subject: Security of laptop PCs
>
>
> My company is currently revisiting its guidance to staff on
> security and best practice with regard to laptop PCs. I'm
> having problems with one particular area where, as a laptop
> user myself, I'm finding it hard to balance good practice
> with practicality, and I would welcome the group's thoughts.
>
> The area I'm concerned with is storing personal data of any
> kind on the hard disk. "Traditional" advice is that people
> shouldn't store such data on the PC itself but instead it
> should be stored on floppies, and these should be carried and
> stored securely and separately from the PC. The reality is,
> of course, that people actually store data on the hard drive.
> This is usually for reasons of practicality - who actually
> wants to lug floppies around, are you seriously going to
> store them separately or more likely put them in the laptop
> case, and what if your data exceeds 1.44Mb (quite likely!)?
> Obviously if we could put arrangements in place to encrypt
> the whole disk that would be great, and that is a medium term goal.
>
> My problem is trying to offer sensible, practical advice that
> is actually workable. As far as I am concerned the
> traditional advice is so unworkable as to be a joke and
> laptop users feel the same way. If we were forced to work in
> that way there would be little or no point in having laptops!
> This unfortunately often leads to a general discrediting of
> ALL security advice given, with serious potential consequences.
>
> What are other people doing or recommending?
>
> Stuart Cashmore
>
> Data Security Manager
> McKesson Information Systems UK Ltd, No. 1 Nine Elms Lane,
> LONDON SW8 5RR
>
> Tel. 020-7819 5083 (with Voicemail)
> Mob. 07799-790019
> Fax. 020-7819 5100
> e-mail [log in to unmask]
> <mailto:[log in to unmask]>
>
>
>
>
>
>
> --------------------------------------------------------------
> --------------
> The information contained in this e-mail is confidential and
> is intended only for the named recipient(s). If you are not
> the intended recipient you must not copy, distribute, or take
> any action or reliance on it. If you have received this
> e-mail in error, please notify the sender. Any unauthorised
> disclosure of the information contained in this e-mail is
> strictly prohibited.
> --------------------------------------------------------------
> --------------
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
> all commands go to [log in to unmask] not the list
> please!
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|