Domain: winmagic.com
Stories and comments across the archive that link to winmagic.com.
Comments · 8
-
Infographic on Full Disk Encryption
In August, our friends at WinMagic released the results of a survey they conducted with the Ponemon Institute where they examined the Total Cost of Ownership (TCO) for full disk encryption. To make this information even clearer, they’ve now created a handy, easy to reference infographic that makes the concept much easier to understand. We all know how important data encryption is for technology users and leaving your data unsecured can be a huge risk to your business. If you think your readers would find this interesting, we would love for you to share it on your blog. Please visit http://blog.winmagic.com/2012/09/04/making-the-case-for-data-encryption/ to view their infographic.
-
Re:TrueCrypt or Wait for On Drive Upgrades
Truecrypt is not the solution your looking for. For starters, management won't by into it because Truecrypt does not have key escrow. Nor does it have any sort of auditing or compliance features, which will be vital in a corporate setting. (For ill or good is a manner of opinion, but the reality is reliable reporting is the key between having a stolen laptop be reported as a property loss, or having to spend thousands on investigating what data was on the laptop, and if there is any chance that PII was on the device, sending out warnings.)
Which means that you'll have to look into other products. Everything is expensive, to varying degrees of expensive. Some solutions are:
Both products work with Seagates Momentous FDE.3 drives, and will software encrypt non FDE drives.
McAfee also offers the ability to lock out USB devices from running on computers (as does a product called Sanctuary, but if you go McAfee, just bite the bullet and use one provider)
As far as speed differences: The Seagate FDE (a SATA drive) on my laptop (A Dell D620 (1.8Ghz)) is faster, even with the WinMagic management software installed then the (unencrypted) PATA drive on my Dell GX620 (A 3.0ghz Pentium D) In general you can expect a 10-15% performance decrease with software encryption. How much this effects the user will depend on what they do. The only real way to know is to test.
-
My experience with three options
I have useful experience with three products.
SecureDoc from WinMagic is the software solution we use at my big TLA. As administration headaches go, this one isn't so bad. The recovery processes are workable but not (that I can see) hackable by any thief. The way we have it set up, users get 15 shots at screwing up their machine before IT has to get involved, thus allowing most bozos to eventually get it right while not giving infinite opportunites to thieves. It's administrable over the network (in some ways) and, thus, suitable for big organizations.
At home, I still have one Windows machine and it's secured with PGP. I've never used it in a big networked environment so I can't comment on how easy it is to administer. It has one feature that I think is neat, though. You can hit TAB before typing in your passphrase and it will be displayed in clear text. (Normally your pass isn't echoed on screen.) Scoff if you will but on those bad days when I've had little sleep and am, perhaps, a bit hung over, my 59-character passphrase can sometimes be just one hurdle too far. Seeing the text on-screen can be a big help for those times when my head just isn't in the game.
Finally, hardware encryption is better. When my Windows machine was my primary (I now am almost entirely migrated to an Ubuntu installation that I installed from the alternate CD, enabling full disk encryption from the beginning) computer, I relied happily on Flagstone drives. I still have one of their USB Freedom drives for backups. The login schtick is more severe; you get few chances and your data goes bye-bye if you screw up. However, I like the fact that they are a real product, not vaporware like some of the encrypted drives from major manufacturers. You can call them up, give them a credit card number, and actually get the hardware. If you talk to the home office in England, you'll converse with smart, helpful, courteous people. All in all, they're a joy to deal with. Downsides? Prices are high and capacities low, but that's part of the deal when it comes to certified hardware such as they sell. Truly irritating downsides? The documentation, unless they've revised it recently, is not all that it should be. Still, I don't hesitate to recommend them.
-
Making encryption standard
The only real question is when drive encryption becomes standard on drives.
For some of us, drive encryption has been standard for a long time.
At my job, we implement in software using Winmagic.
At home, I've used Flagstone drives for years. They're expensive (and for that reason I may soon switch to Seagate) but my peace of mind is worth a lot more.
-
Perhaps some agencies, but not all.
Most U.S. government agencies scrambling to implement the White House directive regarding data encryption (the deadline is already expired) are running toward SecureDoc by WinMagic. I'm elbow-deep in implementation right now.
-
Re:POST-time disk encryption
-
Re:Does this still work?
Is this a software or hardware product?
Secure Doc -
Re:Does this still work?
If the machine can access those files, the key is in memory at some point.
Yes, well, then you remove the key of course. See SecureDoc.