[FDE] Question re risks of data loss with FDE

Dennis Kezer dkezer at csc-dc.com
Fri Mar 2 11:52:26 MST 2007 

It sounds like the basic premise for the loss would be that the single copy
of the data in existence resides on the laptop with the lost keys.  If that
is the case I think they have a larger problem than FDE.

Dennis Kezer 

-----Original Message-----
From: fde-bounces at www.xml-dev.com [mailto:fde-bounces at www.xml-dev.com] On
Behalf Of Allen
Sent: Friday, March 02, 2007 1:41 PM
To: fde at www.xml-dev.com
Subject: [FDE] Question re risks of data loss with FDE

Hi Gang,

I've run into a FUD objection to FDE for health care laptops. 
Apparently some blogger has been having an intelligent but not well informed
series of posts that say (as I've been told) that the risks of data loss due
to losing encryption keys and/or weak passwords is so high that FDE is not a
viable option to protecting private data.

While I will grant that this is possible, but I don't believe this type of
thinking really applies in an enterprise as it assumes that there is no
encryption key management solution in place and that there is no strong
password standards in place, both of which are the case with the individual
user that is not part of a managed network. Is my thinking wrong?

Are there any white papers or data anyone could point me to so I can combat
the FUD? Can anyone point me to the blog on this? I can't seem to locate it
and it's causing a major amount of grief for protecting medical data in one
location. I believe it is because they really don't understand the structure
that must be in place and how it works.

Thanks a bunch,

Allen Schaaf
Business Process Analyst
Information Security Analyst
Training & Instructional Designer
Sr. Writer & Documentation Developer
Certified Network Security Analyst and
Intrusion Forensics Investigator - CEH, CHFI Certified EC-Council Instructor
- CEI

Security is lot like democracy - everyone's for it but few understand that
you have to work at it constantly.

_______________________________________________
FDE mailing list
FDE at www.xml-dev.com
http://www.xml-dev.com/mailman/listinfo/fde

More information about the FDE mailing list