Thanks guys, we considered moving to citrix but there are just too many applications to make it feasible in my opinion besides that the majority of the people are in the office the majority of the time. I am already playing with true crypt and looks promising, and I also like phonefactor.com for authentication. This basically intercepts and calls the cell phone of the user at login to acknowledge the attempt.
I like not needing the extra device. I was looking at bit locker too as we have about half the company on win 7 pro, but the other half is still XP so we would obviously need to upgrade everyone just to get the same benefits of true crypt. From: John Cook [mailto:john.c...@pfsf.org] Sent: Thursday, October 07, 2010 11:44 AM To: NT System Admin Issues Subject: RE: disk encryption We're evaluating Checkpoint as a whole disk encryption solution. We have a product called NxTop (Virtual Computer is the company) that is a combination of Imaging/encryption/USB management that works very well in most situations but we're looking at Checkpoint for another project. We have also used McAfee endpoint but don't get me started on that rant.. From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Thursday, October 07, 2010 11:27 AM To: NT System Admin Issues Subject: RE: disk encryption We have an existing PointSec implementation, and are moving towards PGP and/or Bitlocker. -sc From: greg.swe...@actsconsulting.net [mailto:greg.swe...@actsconsulting.net] Sent: Thursday, October 07, 2010 1:40 AM To: NT System Admin Issues Subject: RE: disk encryption Ben, We have done clients with whole disk encryption on the laptops. Works great. Doesn't protect against anything when the system is actually running, only when the laptops are stolen. PGP Desktop Whole disk is what we used then, but I would seriously look at Truecrypt now. Nice thing about PGP was the centralized management we had for maintaining PGP passwords and accounts. All of the data is stored on the server 2008 via RDP. They use it both internally and externally. No data is stored on desktops or servers. Desktops are locked down via GP and basically have a single icon for RDP, or are running thin clients. Takes care of most security issues, but if the servers have a problem you hear about it quick. J Greg Sweers CEO <http://www.acts360.com/> ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax From: Lists - Level 5 [mailto:li...@levelfive.us] Sent: Thursday, October 07, 2010 12:38 AM To: NT System Admin Issues Subject: RE: disk encryption Well that's what we are considering, the issue is they do have several graphics and presentation people, they also have a bunch of little 'apps' that im concerned with bog the server down. For example accounting dept has 2 different apps, then there is 3 people in graphics/marketing, and 2 attorneys who have their own app, HR has its own sql app, and then half the company uses Yardi (property mgmt. sql based). Then we get into cost, we already have 2 citrix servers, one is a vm, and one is a standalone and being phased out. Its running 2003 with citrix 3.x?? I would say its 5 years old from the last time they purchased anything. From: Jon Harris [mailto:jk.har...@gmail.com] Sent: Wednesday, October 06, 2010 11:39 PM To: NT System Admin Issues Subject: Re: disk encryption Why not just put everything on Citrix and have done with it? Not criticizing just asking? I would avoid encrypting the servers and lock them down tight and lock them up tighter. Jon On Wed, Oct 6, 2010 at 10:46 PM, Lists - Level 5 <li...@levelfive.us> wrote: I have a small client, 15 laptops, 20 desktops , 8 servers on a 2008 domain. We were discussing full disk encryption and turning off cached mode for outlook etc etc. the client is pretty sensitive to protecting their data. One of the items that came up was whether we should just move to citrix so nothing is on the laptops and then encrypt the desktops in the office as well. Are there are recommendations for encryption people can recommend? I have only used the built in certificates with Windows to encrypt user profiles and am wondering if people would consider that secure enough or does pgp or some of these two factor disk encryption devices. Thanks ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin _____ CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the company. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin