Mobile Encryption Group Discussion and Written Project – CDI East 2006 Rick Smith rdsmith@mac. com Rick Wanner rwanner@pobox. com
Agenda Encryption Options l Evaluation Criteria l Recommendations l SDLC l Conclusions l
Encryption Options Full-disk Encryption l Hardware-based Encryption l – Seagate Virtual Disk Encryption l File Encryption l – EFS in Microsoft Windows XP/2003
Evaluation Criteria l l l l l Operating Systems Supported Ease of Deployment Transparent to User Centralized Management Ease of Management Strength of Encryption Key Management and Recovery Audit Logging Cost
Solution Recommendations l Safe. Boot – Device Encryption for l l l PC/Laptop Windows Mobile VDisk – Management console l l Web Based User self-service pasword resets – AES-256 l Point. Sec – Versions for l l l PC Pocket. PC Removable Media – Management console l No user self-service – FIPS 140 -2 compliant
System Development Life Cycle Documents investigation to date l Need to continue with in-house testing of l – Key recovery/escrow and password reset – Management console usability – Impact on users Implementation and deployment to follow l Need to consider including desktops and servers l
Conclusions l Recommendations – Safe. Boot – Point. Sec Implementation starting with “high value” laptops and mobile devices l Policy development also required to support - need to start now l
Скачать презентацию Mobile Encryption Group Discussion and Written Project
54b717b6cd7aa6044b0dbbf00a1f411f.ppt