RE: Database Encryption

2010-07-10 Thread Ken Schaefer 
Protect the information from what threat?

If you can't articulate the threats, you can't put in place something to 
stop/mitigate the threat.
e.g. some threats would be: someone stealing the physical disks, someone 
snooping the network traffic, someone compromising the application server. 
Which situation are you trying to protect against?

Cheers
Ken

From: Cameron Cooper [mailto:ccoo...@aurico.com]
Sent: Saturday, 10 July 2010 1:40 AM
To: NT System Admin Issues
Subject: RE: Database Encryption

Looking to protect the information on the MD3000, since that's where all the 
data is stored and accessed from.

_
Cameron Cooper
Network Administrator | CompTIA A+ Certified
Aurico Reports, Inc
Phone: 847-890-4021 | Fax: 847-255-1896
ccoo...@aurico.com | www.aurico.com

From: Ken Schaefer [mailto:k...@adopenstatic.com]
Sent: Friday, July 09, 2010 12:26 PM
To: NT System Admin Issues
Subject: RE: Database Encryption

What threat are you actually trying to protect against? The application will 
need to access the data in cleartext (since you are not using in-field 
encryption of data). So, the only threat that I can see you mitigating is theft 
of the server, or theft of the disks in the server. You could just use 
Bitlocker to handle that.

Cheers
Ken

From: Cameron Cooper [mailto:ccoo...@aurico.com]
Sent: Saturday, 10 July 2010 1:21 AM
To: NT System Admin Issues
Subject: RE: Database Encryption

We have two databases that we would be moving to SQL 2008.  We would need to 
purchase the per processor license due to clients nationwide accessing our 
system. (ie checking reports)

We are a pre-employment background screening company that is trying to get 
accredited through the NAPBS, and from what I understand in order to become 
accredited we need to have the entire database encrypted.

_
Cameron Cooper
Network Administrator | CompTIA A+ Certified
Aurico Reports, Inc
Phone: 847-890-4021 | Fax: 847-255-1896
ccoo...@aurico.com | www.aurico.com

From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Friday, July 09, 2010 12:14 PM
To: NT System Admin Issues
Subject: RE: Database Encryption

Two questions,

One how many databases are you moving to SQL 2008, maybe there is the ability 
to go with Enterprise Edition R2  for the transparent data encryption you are 
seeking, and just have 1 database cluster accordingly ( Active/ Passive).  You 
don't have to go per-processor for licensing, but Cal management can be a pain 
otherwise. Especially if you have proxy boxes ( webservers, other applications 
etc etc) connecting to the database backend, then Per Processor solves a lot of 
your problems.

Other than that, I know that RED Gate SQL backup, and Quests Litespeed can 
produce encrypted backups.

The second question, is why do you need to encrypt the whole database? why not 
just encrypt the rows with the sensitive data itself, is this a PCI DSS 
requirement they want you to do ? Could not the backups themselves be encrypted 
to meet the requirements?

Just some thoughts on this thread...

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

From: Cameron Cooper [mailto:ccoo...@aurico.com]
Sent: Friday, July 09, 2010 12:32 PM
To: NT System Admin Issues
Subject: Database Encryption

All,

We are looking to replace our database servers with new hardware and software 
and will be running Windows Server 2008 R2 Enterprise Edition (64bit), with SQL 
Server 2008 R2 Standard on each machine.  Also, each machine connects into a 
MD3000.

What would be the best way to encrypt the entire database?  I know this can be 
done with the enterprise version of SQL Server 2008 R2, but due to the cost per 
processor (for unlimited CALs), we will be going with the Standard edition.
















~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: ATT outage 07/09/10?

2010-07-10 Thread John Hornbuckle 
I'm in north Florida, and my service started acting spotty on Friday. I'm still 
having issues this morning-I'm between one bar and no signal in an area where I 
normally have 3-4 bars.



John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us




From: Bob Fronk [mailto:b...@btrfronk.com]
Sent: Friday, July 09, 2010 11:07 AM
To: NT System Admin Issues
Subject: RE: ATT outage 07/09/10?

We just received official word that there is a widespread ATT outage in KY and 
TN.

Thanks to all who replied.

BF

From: Sherry Abercrombie [mailto:saber...@gmail.com]
Sent: Friday, July 09, 2010 10:12 AM
To: NT System Admin Issues
Subject: Re: ATT outage 07/09/10?

Good in Fort Worth, TX.
On Fri, Jul 9, 2010 at 9:04 AM, Maglinger, Paul 
mailto:pmaglin...@scvl.com>> wrote:
Good in Indiana.

From: Bob Fronk [mailto:b...@btrfronk.com]
Sent: Friday, July 09, 2010 8:46 AM
To: NT System Admin Issues
Subject: OT: ATT outage 07/09/10?

Anyone else seeing cell phone / data issues with ATT wireless today?  We are 
located in KY and have had several reports of no service and/or no data.  Also 
complaints from users in TN.

ATT rep says no known issues.













--
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke











NOTICE: Florida has a broad public records law. Most written communications to 
or from this entity are public records that will be disclosed to the public and 
the media upon request. E-mail communications may be subject to public 
disclosure.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: ATT outage 07/09/10?

2010-07-10 Thread Dennis Hoefer 
Sounds like your algorithm is corrupt.  Apple has an app for that -

-Original Message-
From: "John Hornbuckle" 
To: "NT System Admin Issues" 
Sent: 7/10/10 5:38 AM
Subject: RE: ATT outage 07/09/10?

I'm in north Florida, and my service started acting spotty on Friday. I'm still 
having issues this morning-I'm between one bar and no signal in an area where I 
normally have 3-4 bars.



John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us




From: Bob Fronk [mailto:b...@btrfronk.com]
Sent: Friday, July 09, 2010 11:07 AM
To: NT System Admin Issues
Subject: RE: ATT outage 07/09/10?

We just received official word that there is a widespread ATT outage in KY and 
TN.

Thanks to all who replied.

BF

From: Sherry Abercrombie [mailto:saber...@gmail.com]
Sent: Friday, July 09, 2010 10:12 AM
To: NT System Admin Issues
Subject: Re: ATT outage 07/09/10?

Good in Fort Worth, TX.
On Fri, Jul 9, 2010 at 9:04 AM, Maglinger, Paul 
mailto:pmaglin...@scvl.com>> wrote:
Good in Indiana.

From: Bob Fronk [mailto:b...@btrfronk.com]
Sent: Friday, July 09, 2010 8:46 AM
To: NT System Admin Issues
Subject: OT: ATT outage 07/09/10?

Anyone else seeing cell phone / data issues with ATT wireless today?  We are 
located in KY and have had several reports of no service and/or no data.  Also 
complaints from users in TN.

ATT rep says no known issues.













--
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke











NOTICE: Florida has a broad public records law. Most written communications to 
or from this entity are public records that will be disclosed to the public and 
the media upon request. E-mail communications may be subject to public 
disclosure.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Management of laptops

2010-07-10 Thread Malcolm Reitz 
McAfee has a product called Site Advisor. It has an optional web filtering
plugin that lets you set a PC-based filter policy for web browsing. The
filtering is pretty effective (the policy lives on the PC and it does URL
categorization lookups to a McAfee server over the Internet). 

It works as a browser helper object on IE or as a plug-in on Firefox, so a
determined user could get around it.

-Malcolm

From: Tom Miller [mailto:tmil...@hnncsb.org] 
Sent: Friday, July 09, 2010 15:00
To: NT System Admin Issues
Subject: Management of laptops

 

Folks,

 

Any suggestions on products to manage laptops?  We have a number of nomadic
users who use their issued laptops with aircards.  Sometimes they have a
wired or wireless connection, but not at any of my locations (these staff
work off-site).

 

Staff don't have much access, they are all "users".  I am looking for a
product whereby I can enforce similar content filtering/web surfing
filtering as my corporate fire walls.  I assume I'd need some sort of client
for the laptops that would occasionally check in to a central system for
updates.  We are a Fortinet shop, and I'm looking at the Forticlient, but am
looking at alternatives.  We have an issue with viruses on these machines
(usually blocked, but I get the notices), and that's usually from staff
going to web sites that would be blocked at the corporate level.

 

Suggestions appreciated.

 

Tom

 

Confidentiality Notice: This e-mail message, including attachments, is for
the sole use of the intended recipient(s) and may contain confidential and
privileged information. Any unauthorized review, use, disclosure, or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message. 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~