Slashdot Mirror

← Back to Stories (view on slashdot.org)

How To, When You Have To Encrypt Absolutely Everything?

Posted by ScuttleMonkey on from the first-step-is-teaching-people-how-not-to-be-stupid dept.

Dark Neuron writes "My institution has thousands of computers, and is looking at starting an IT policy to encrypt everything, all hard drives, including desktops, laptops, external hard drives, USB flash drives, etc. I am looking at an open source product for Windows, Mac, UNIX, as well as portable hard drives, but I am concerned about overhead and speed penalties. Does anyone have experience and/or advice with encrypting every single device in a similar situation?"

9 of 468 comments (clear)

  1. Re:Yeah... by number11 · · Score: 4, Interesting

    you may want to only encrypt parts of your hard disk as encrypting the whole disk will impact performance.

    Yeah, but if you're running Windows, be sure to get the swap file (depending on security concerns, maybe having Win zero the swap file at shutdown might be enough) and all that crap in Documents and Settings. If concerns run to file/folder names, don't forget the MRU lists. I do have a Truecrypt partition, but regularly find bits and pieces of stuff scattered here and there on C: unencrypted.

    Win does not segregate data in a helpful fashion. If my security concerns were serious, I wouldn't dare anything less than whole disk encryption. Actually, I'd probably stop using Windows.

  2. Re:Yeah... by Lumpy · · Score: 5, Interesting

    How about the following...

    "My presentation is on this drive and I forgot the password, get my files for me!"

    users dont like it when you say, " sorry, but unless you remember your password all your files on that drive are gone forever."

    That stopped it at my last IT gig, I mentioned that response to the CTO and he said...

    "oooh, Did not think of that. let's skip encryption."

    --
    Do not look at laser with remaining good eye.
  3. Re:Yeah... by SatanicPuppy · · Score: 3, Interesting

    If it's corporate, just make them encrypt it using their key and a corporate master key. Then you can decrypt it using the master key if some boneheaded user loses their key. You should do this anyway to prevent some user from walking with all of their data, and to maintain SoX compliance.

    Obviously this will increase the overhead, but frankly, encryption should be used sparingly anyway.

    --
    ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
  4. Re:Dont. by Rageon · · Score: 3, Interesting

    I work in a state courthouse. Here, Windows is set up force new passwords every so often and of ridiculous complexity (numbers + letters + symbols + sanskrit, or something of that nature). So what we have is a situation where 50% of the computers here have little post-it on them with the user's passwords. It does far more harm than good.

  5. Re:TrueCrypt or Wait for On Drive Upgrades by KookyMan · · Score: 5, Interesting

    In addition, the TrueCrypt user community lately is getting the shaft from the "TrueCrypt Foundation".

    Case in point, if you visit their forums, starting about 6 months ago, around the time of release of v6, the forum administrators now delete anything "critical" of TrueCrypt. Basically, your only allowed to discuss the positives of the software, or problems with the intended operation of it. Any "bugs" or "weaknesses" mentioned result in having the thread either locked, more than likely deleted, and if you push an issue, open a second thread on a 'deleted thread' your likely to have your account locked.

    5.1a was the last version released before this new policy of "only positives". Not to mention that the forums are already so heavily locked down (No public email addresses to register accounts, no private messages on the board, no threads that are not 'on topic'). Some of us tried (semi-successfully) to have frequent contributors meet over on Wilder's Security forums. (http://www.wilderssecurity.com/) Difficult though since they started deleting our postings since they weren't on topic, and private messages are impossible.

    Sadly, as a result of this, I used to heavily endorse TrueCrypt, but I can no longer stand behind them until they let the community get re-involved, for the good and the bad.

  6. I've seen this, too by Wee · · Score: 3, Interesting
    The university where I worked a few years ago had a very draconian password scheme. A lot of the profs and TAs and such kept their passwords on post-its, pieces of paper on their desks, etc. One professor's "security measure" was a post-it that reminded him to remove the password post-it before office hours. I'm pretty sure more than one student changed their grades or grabbed a test or something at some point.

    Given how glacially slow IT moves in a university -- and how much buy-in the prima donnas demand for even the slightest decisions -- I'm sure the password topic is still brought up at the weekly meeting.

    Security only works if the convenience/security ratio is balanced properly for the environment at hand. At a public university which is used to openness, the "encrypt everything" just wouldn't fly (because that one tenured prof who likes to share and then remote mount his entire C: drive between his office and home over an unencrypted network connection would pitch a fit and kill that plan by fiat). If you work at a security company or bank or the NSA, then I'd suspect you'd have an easier time of it.

    -B

    --

    Ash and Hickory, straight-grained and true, make excellent bludgeons, dandy for the cudgeling of vegetarians.

  7. Re:TrueCrypt by timeOday · · Score: 5, Interesting

    My problem with TrueCrypt - and all software solutions - is how do they handle suspending a laptop to RAM? Apparently the keys are not overwritten in RAM until you unmount the partition, which means closing down all applications that access the sensitive data. I couldn't live with that. Instead the apps should be suspended, the encryption keys overwritten, and the apps not resumed until after the user inputs the password upon resume.

  8. What are you trying to protect and from what? by refactored · · Score: 3, Interesting
    The main question is not "how?" but "why?"

    What are you trying to protect?

    From what? What attacks? What value does it have to the attacker? What value does the secret hold to you? Who are the attackers?

    For example if the value of the secret is low to you, then spending money on protecting it is a waste. Encryption costs to buy, costs to run, costs to manage keys, costs in convenience. eg. (Most secrets aren't worth a trip across town because you forgot your keys once)

    If the attackers are internal, (they usually are), then encryption buys you nothing.

    If the value of the secret is large and the attackers have physical access, then encryption is the strongest link in a very weak chain.

    If many people have access to the secret, then social engineering will weasel it out no matter what your encryption.

    If the attackers are evil and powerful, then encryption is a red flag to very Bad Bulls. You better off with more primitive methods that require real humans to eye ball it.

    Get these questions lined up and answered before you start.

  9. Re:TrueCrypt by timeOday · · Score: 3, Interesting

    So how does TrueCrypt handle laptop suspend? Being a software solution, it wouldn't even necessarily know the laptop had been suspended, correct? It might seem a minor point, but when/if I lose a laptop, there's a strong probability it will be suspended to RAM at the time. Is the common approach simply to pop up a password-protected screensaver?