RE: Security procedure question
- From: "Sadler, Connie" <Connie_Sadler@xxxxxxxxx>
- Date: Mon, 25 Sep 2006 11:35:11 -0400
Hopefully policy and enforcement will take care of that. We look for it
when we do audits and/or security assessments. An employee doing this
knows that he or she will be disciplined for doing something like this.
We take it very seriously. Stupidity is not an option! ;-)
Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC
IT Security Officer
Brown University Box 1885, Providence, RI 02912
Connie_Sadler@xxxxxxxxx
Office: 401-863-7266
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of MandommGmail
Sent: Monday, September 25, 2006 6:15 AM
To: Saqib Ali; Brown, Sam; mario@xxxxxxxxxxxxx; lists@xxxxxx
Cc: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: Security procedure question
I'm concerned about a user leaving the id and password on paper in or
near the laptop.
There is no way one can defend against a user who decides to stick a
sticky pad on his laptop and leaves his password there. The best
encryption tool does not defend against human stupidity.
Alex
----- Original Message -----
From: "Saqib Ali" <docbook.xml@xxxxxxxxx>
To: "Brown, Sam" <sbrown@xxxxxxxxxxxxx>; <mario@xxxxxxxxxxxxx>;
<lists@xxxxxx>
Cc: <security-basics@xxxxxxxxxxxxxxxxx>
Sent: Friday, September 22, 2006 1:26 AM
Subject: Re: Security procedure question
If you don't mind, can I ask what product you selected? There are some
full/whole disc encryption implementations that support TPM. See the
URL for description:
http://en.wikipedia.org/wiki/FDE#Full_disk_encryption_and_Trusted_Plat
form_Module
If your laptops are TPM enabled the full disc encryption software can
wrap the decryption key with TPM, so the user won't have to remember
or note down an extra username/password.
On 9/20/06, Brown, Sam <sbrown@xxxxxxxxxxxxx> wrote:
We're going to be deploying whole disk encryption to our laptops so I
am interested in hearing how others have distributed the software
encryption ID's and passwords to users. I'm concerned about a user
leaving the id and password on paper in or near the laptop.
Sam Brown
---------------------------------------------------------------------
------ This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA
has designated Norwich University a center of Academic Excellence in
Information Security. Our program offers unparalleled Infosec
management education and the case study affords you unmatched
consulting experience.
Using interactive e-Learning technology, you can earn this esteemed
degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------
------
--
Saqib Ali, CISSP, ISSAP
Support http://www.capital-punishment.net
-----------
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15
-----------
----------------------------------------------------------------------
----- This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has
designated Norwich University a center of Academic Excellence inlife.
Information Security. Our program offers unparalleled Infosec
management education and the case study affords you unmatched
consulting experience. Using interactive e-Learning technology, you
can earn this esteemed degree, without disrupting your career or home
http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------
-----
------------------------------------------------------------------------
---
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has
designated Norwich University a center of Academic Excellence in
Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting
experience.
Using interactive e-Learning technology, you can earn this esteemed
degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
- References:
- Re: Security procedure question
- From: MandommGmail
- Re: Security procedure question
- Prev by Date: Re: Changing user password policy
- Next by Date: RE: No NetBios share + No Open Port = Safe Win98?
- Previous by thread: Re: Security procedure question
- Next by thread: Re: Security procedure question
- Index(es):
Relevant Pages
|
Loading
