Let's say I write down my encryption passkey and stuff it in my laptop bag. My laptop bag is stolen along with the passkey to get in. Obviously that is a way "around" encryption and that vulnerability is real. So in a way, that blogger might be correct.
However, he is not putting it into perspective. While there is a chance of that happening, let's say my laptop bag is stolen along with my laptop that has no encryption on it. There's a 100% chance that thief can get into the data (whether he does or not is different). So two things have to go right for the thief that steals an FDE-protected laptop. They have to get hands on my laptop and they also need to get hands on my passkey. That decreases the exposure and increases the security of said data. I suspect that if posed the question, the blogger likely has no options available to offer that would meet his own criteria. And saying "no" to mobile devices is not really an option. This is not 1995 where mobility is a luxury available to the few. FDE is not a panacea to data loss, but it is as good a hurdle to place in front of data thieves as we have right now, along with policy and common sense. Michael Dickey Network Analyst > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Allen > Sent: Friday, March 02, 2007 12:41 PM > To: [email protected] > Subject: [FDE] Question re risks of data loss with FDE > > Hi Gang, > > I've run into a FUD objection to FDE for health care laptops. > Apparently some blogger has been having an intelligent but not > well informed series of posts that say (as I've been told) that > the risks of data loss due to losing encryption keys and/or weak > passwords is so high that FDE is not a viable option to > protecting private data. _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
