Stuart, Would TrueCrypt suffice? While it can be used to encrypt an entire drive (even a windows boot drive), it sounded like your needs are really just for an encrypted data storage location (something like the USB drive you now use, but more convenient). If that's the case, might just use TrueCrypt (or similar software) to create a virtual disk of any desired size that resides on your SSD, using any number of encryption methods.
On Sun, Dec 2, 2012 at 1:58 PM, Rosen, Robert (NIH/NIAMS) [E] < [email protected]> wrote: > Stuart: > > We full disk encrypt all our laptops, hard disk and SSD. We use enterprise > versions of PointSec (now Checkpoint. IIRC) or PGP. Both work fine. We > have not found FIPS 140-2 approved devices to use. In talking to the > vendors, they say by the time a disk gets certified, the disk is obsolete. > So while they have disks that encrypt to that standard, they're not > certified. > > I've beat on our Lenovo rep to offer such disks but they seem to have the > same problem in getting them certified. > > _______________________ > Robert Rosen > Senior Technical Advisor, NIAMS > Sent from the portable shiny device > > ----------------------------------- > Date: Sun, 2 Dec 2012 13:19:07 +0000 > From: Stuart Biggar <[email protected]<mailto: > [email protected]>> > Subject: [Thinkpad] W or T series with self-encrypting drive meeting > FIPS 140-2, etc? > To: Thinkpad Mailing List <[email protected]<mailto:[email protected] > >> > Message-ID: > <823216aa177d7d44ab431e36b09fb63b13eef...@email.optics.arizona.edu > <mailto:823216aa177d7d44ab431e36b09fb63b13eef...@email.optics.arizona.edu > >> > Content-Type: text/plain; charset="Windows-1252" > > I'm wondering if anyone on the list has any experience with getting a > recent i7 CPU > notebook, hopefully with a SSD that meets the NIST criteria for FIPS 140-2 > and > a BIOS and/or UEFI and TPM that supports some of the features like crypto > erase, etc? > > I'd like to purchase a new notebook and I have to deal with export control > rules > and so on and I travel overseas. So I'd like for the drive to be > transparently > encrypted without the OS being involved, etc. Any suggestions? > > I'm currently using an old T-series for data collection but storing all > data on a > hardware encrypted Imation Defender USB stick. I'd like to be able to > use the notebook itself but I need FIPS 140-2 level 2 or better (the > Imation > is Level 3) according to the legal beagles ? > > It is difficult to find out if BitLocker in 7 Enterprise is OK but I'm > pretty sure a self- > encrypting drive would be. The only SSD I can find on the NIST list of > FIPS approved > devices is the Samsung PM810 series which appears to have been replaced by > the 830 > and 840 which are listed as self encrypting using AES 256 and so on but I > don't see an > approval from NIST. > > I guess a self-encrypting rotating hard disk would be OK but SSDs are nice > from a > power and speed perspective. Or do I just use an enterprise quality SATA > 2.5" SED? > > Thanks, > > Stuart > _______________________________________________ > Thinkpad mailing list > [email protected] > http://stderr.org/cgi-bin/mailman/listinfo/thinkpad > _______________________________________________ Thinkpad mailing list [email protected] http://stderr.org/cgi-bin/mailman/listinfo/thinkpad
