LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: February 6th, 2012
Linux Advisory Watch: February 3rd, 2012
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
U.S. gov't mandates laptop security Print E-mail
User Rating:      How can I rate this item?
Source: Security Focus - Posted by Efren J. Belizario   
Government The Bush Administration is giving federal civilian agencies just 45 days to comply with new recommendations for laptop encryption and two-factor authentication.

The memo follows a wave of high profile data thefts and major security breeches involving remote access or the theft of government laptop computers containing sensitive personal information.

Read this full article at Security Focus

Comments
Full Disc Encryption requiredWritten by Saqib Ali on 2006-07-09 21:16:59
These might help: 
http://www.full-disc-encryption.com/Full_Disc_Encryption.html 
 
There are some agencies in DC looking into full disc encryption. The following are some reasons why full disc encryption is preferable. 
 
1) Encryption of temporary / swap is important as confidential data 
maybe revealed from these files in case of HDD theft. 
 
2) Quick Erase functionality as advertised by Seagate's FDE.2 drive 
provide immediate data destruction by replacing the AES key on the 
ASIC. This can save thousands of dollar the agency spends in proper 
destruction of the HDD. Once the encryption key is removed the HDD can be repurposed. 
See 
http://www.seagate.com/docs/pdf/marketing/po_momentus_5400_fde_bb.pdf 
 
3) user-proof. everything is encrypted if FDE is enabled. This the key. The employee who has sensitive data on his/her laptop should not have to decide which file/folders to encrypts. That decision must be made for them, which is to encrypt everything. No exceptions!!! 
 
4) pre-boot authentication using bio-metric or secure tokens or smart-cards. 
 
5) Hardware based Full Disc Encryption is fast, and creates minimum overhead, so the employee has NO excuse to NOT encrypt data..

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Using the sec-wall Security Proxy
sec-wall: Open Source Security Proxy
Yesterday's Edition
Hackers Hit Apple Supplier Foxconn, Leak Usernames And Passwords
Hackers Mug Google's Wallet App on Rooted Android Devices
Google Chrome will no longer check for revoked SSL certificates online
Have Your Users' Passwords Already Been Hacked?
DDoS Tools Flourish, Give Attackers Many Options
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2012 Guardian Digital, Inc. All rights reserved.