Stuart: We full disk encrypt all our laptops, hard disk and SSD. We use enterprise versions of PointSec (now Checkpoint. IIRC) or PGP. Both work fine. We have not found FIPS 140-2 approved devices to use. In talking to the vendors, they say by the time a disk gets certified, the disk is obsolete. So while they have disks that encrypt to that standard, they're not certified.
I've beat on our Lenovo rep to offer such disks but they seem to have the same problem in getting them certified. _______________________ Robert Rosen Senior Technical Advisor, NIAMS Sent from the portable shiny device ----------------------------------- Date: Sun, 2 Dec 2012 13:19:07 +0000 From: Stuart Biggar <[email protected]<mailto:[email protected]>> Subject: [Thinkpad] W or T series with self-encrypting drive meeting FIPS 140-2, etc? To: Thinkpad Mailing List <[email protected]<mailto:[email protected]>> Message-ID: <823216aa177d7d44ab431e36b09fb63b13eef...@email.optics.arizona.edu<mailto:823216aa177d7d44ab431e36b09fb63b13eef...@email.optics.arizona.edu>> Content-Type: text/plain; charset="Windows-1252" I'm wondering if anyone on the list has any experience with getting a recent i7 CPU notebook, hopefully with a SSD that meets the NIST criteria for FIPS 140-2 and a BIOS and/or UEFI and TPM that supports some of the features like crypto erase, etc? I'd like to purchase a new notebook and I have to deal with export control rules and so on and I travel overseas. So I'd like for the drive to be transparently encrypted without the OS being involved, etc. Any suggestions? I'm currently using an old T-series for data collection but storing all data on a hardware encrypted Imation Defender USB stick. I'd like to be able to use the notebook itself but I need FIPS 140-2 level 2 or better (the Imation is Level 3) according to the legal beagles ? It is difficult to find out if BitLocker in 7 Enterprise is OK but I'm pretty sure a self- encrypting drive would be. The only SSD I can find on the NIST list of FIPS approved devices is the Samsung PM810 series which appears to have been replaced by the 830 and 840 which are listed as self encrypting using AES 256 and so on but I don't see an approval from NIST. I guess a self-encrypting rotating hard disk would be OK but SSDs are nice from a power and speed perspective. Or do I just use an enterprise quality SATA 2.5" SED? Thanks, Stuart _______________________________________________ Thinkpad mailing list [email protected] http://stderr.org/cgi-bin/mailman/listinfo/thinkpad
