Thanks everyone for your response I will research ironkey. Sent from my Verizon Wireless BlackBerry
-----Original Message----- From: Tim Mugherini <[email protected]> Date: Sat, 16 May 2009 14:30:06 To: PaulDotCom Security Weekly Mailing List<[email protected]> Subject: Re: [Pauldotcom] Encryption/Protection for USB storage media I looked at several solitions a years ago and went with Ironkey for the aforementioned reasons. They also have an enterprise version with central policies and silver bullet functionality. We pair it up with device lock for usb and peripheral control. Which was only about 10 a node. Took all of a day to setup On 5/16/09, Jack Daniel <[email protected]> wrote: > For a relatively painless solution, I'll join the IronKey chorus. It > has the added bonus of being able to survive much more physical abuse > than other USB drives. I, er, I mean Bob, says they might even > survive a trip through the washing machine if the cap is on tight. > > As far as Bitlocker-to-go, this is a classic MS "innovation"- they get > parts of it right and then drop the ball hard. Bitlocker-to-go is a > great solution, one checkbox in GP and no more writing to unencrypted > USB drives on your domain (several more places to control passphrase > complexity, X.509 certs, backwards compat, etc). If you use a > password/phrase you can open it (read-only) with XP/Vista machines, > but they cannot write to it (that's default, can be set in GP). Note- > if you use SmartCard or other X.509 cert. based auth, no backwards > compatibility. > > Now the thud- it will only be available on Enterprise and Ultimate > SKUs, not on Pro or any Home version. Enterprise is Volume licensing > only, Ultimate will mostly be a retail software purchase. In other > words, you are not likely to ever purchase a PC with Bitlocker-to-go > enabled- if you want it you will pay again. > > And no, I have not tried to carve up the registry looking for a way to > open Bitlocker, the pre-beta, beta and RCs I have used were all > Ultimate. > > Jack > > > > -- > ______________________________________ > Jack Daniel, Reluctant CISSP > http://twitter.com/jack_daniel > http://blog.uncommonsensesecurity.com > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > -- Sent from my mobile device _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
