Slashdot Mirror
Full Disk Encryption - Xen, Windows and Linux?
Bofh To asks: "I'm in an industry that, more or less, requires full disk encryption, and to accomplish this, we use Pointsec on Windows. For the past 8 years, I've been running Linux on my work laptop, and this is the first time I'm running in a Windows only environment. I am interested in changing that, because I want to use Linux as my main platform, and only drop in to Windows when necessary (and use crossover if at all possible). I'm also interested in Xen, and would like to see if I can use that to virtualize Windows under Linux. My thought is that, as long as Pointsec is in dom0 and I use virtual disks for the Windows VM, I should be covered. The problem is that I'd also like a machine that is usable, as opposed to waiting endlessly as the virtual memory, virtual machine, pointsec, and xen all thrash around while I'm working on the machine. Has anyone used Pointsec for Linux, with Xen? "
I always find these types of "Ask Slashdot" amusing. People ask about what security product to use in their enterprise, how it will work with Linux etc etc. All perfectly valid questions, but utterly pointless in a corporate context because guess what? It's the Information Security Policy (& CISO) which will dictate who can and can't authorise new encryption products, changes to production environments, installation of non-standard baseline software (and the list goes on & on). If the OP really does work in an industry where disk encryption is needed (I'm going to take a wild stab in the dark and say s/he's probably in healthcare where HIPPA is concerned, maybe within a financial environment for GLBA/SOX, but even then it's a complex minefield of compensating controls and regulations which don't actually *require* encryption), then s/he should be consulting the Information Security Officer for advice, not asking Slashdot and lining themselves up for being fired for breaching policy.