Hi Gang, I've run into a FUD objection to FDE for health care laptops. Apparently some blogger has been having an intelligent but not well informed series of posts that say (as I've been told) that the risks of data loss due to losing encryption keys and/or weak passwords is so high that FDE is not a viable option to protecting private data.
While I will grant that this is possible, but I don't believe this type of thinking really applies in an enterprise as it assumes that there is no encryption key management solution in place and that there is no strong password standards in place, both of which are the case with the individual user that is not part of a managed network. Is my thinking wrong? Are there any white papers or data anyone could point me to so I can combat the FUD? Can anyone point me to the blog on this? I can't seem to locate it and it's causing a major amount of grief for protecting medical data in one location. I believe it is because they really don't understand the structure that must be in place and how it works. Thanks a bunch, Allen Schaaf Business Process Analyst Information Security Analyst Training & Instructional Designer Sr. Writer & Documentation Developer Certified Network Security Analyst and Intrusion Forensics Investigator - CEH, CHFI Certified EC-Council Instructor - CEI Security is lot like democracy - everyone's for it but few understand that you have to work at it constantly. _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
