Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] TrueCrypt with SSD



On 08/17/2011 06:52 PM, Richard Pieri wrote:
> As a data point: I don't bother with whole disk encryption.  I don't need it.  I don't leave my gear where it can be stolen.
>
> The average computer user with sensitive data on a laptop doesn't own that laptop, and thus is careless with it.  Without fear of reprisal or personal loss there is no incentive to act responsibly.  WDD is, ultimately, a technical solution to a social problem, which is why it doesn't work.
The issue is that there are many people who are issued laptops by their
employer, and these laptops do have sensitive data on them. We had a
case last night where one of our members showed up at the CBC, and his
work laptop had been stolen out of his car in front of the Cambridge
Police Department. Certainly, any employee who has custody of company
property should be advised about securing company property.  I'm
surprised that corporate IT does not enforce any encryption of data on
laptops.

I do think the whole issue is, as you point out, "a social problem".
Companies provide laptops (and tablets) to employees essentially so they
can do work somewhere away from the office. In our case, our Financial
Engineers might have sensitive financial data in models, sales people
may have sales data, contacts and customer profiles, et. al. One
solution is yours, don't leave it where it can get stolen. But someone
might be on his way home from work and stop at the market to pick up
some stuff for home. If I were a thief, a suburban supermarket parking
lot might be an ideal place. Last night I left my Color Nook and netbook
in the front seat of my car at MIT when I went to the CBC, but I don't
have any sensitive data on either.  Most thieves don't care about the
data, they simply want to resell to make a quick buck.

So, what is a good practice for an employee who has company property
that may contain some sensitive data?
1 solution is certainly whole disk encryption. This solution is
certainly workable as long as it has a decent password. If I were the IT
head at a company, I would opt for that solution.
Another is simply good practices. If you are in your car and may stop,
put the gear in the trunk where it is out of sight. Most thefts are
opportunity.

But, many people need their laptops out of the office for many good
reasons, work at home, travel, visit customer sites, go to BLU meetings...


-- 
Jerry Feldman <gaf at blu.org>
Boston Linux and Unix
PGP key id: 537C5846
PGP Key fingerprint: 3D1B 8377 A3C0 A5F2 ECBB  CA3B 4607 4319 537C 5846





BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org