LinuxSecurity.com 		Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
How strictly do your users obey your security policies?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
Emily Ratliff: OS Security
DanWalsh LiveJournal
Security Bloggers Network
Latest Newsletters
Linux Security Week: December 1st, 2008
Linux Advisory Watch: November 28th, 2008
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
U.S. gov't mandates laptop security Print E-mail
User Rating:      How can I rate this item?
Source: Security Focus - Posted by Efren J. Belizario   
Government The Bush Administration is giving federal civilian agencies just 45 days to comply with new recommendations for laptop encryption and two-factor authentication.

The memo follows a wave of high profile data thefts and major security breeches involving remote access or the theft of government laptop computers containing sensitive personal information.

Read this full article at Security Focus

Comments
Full Disc Encryption requiredWritten by Saqib Ali on 2006-07-09 21:16:59
These might help: 
http://www.full-disc-encryption.com/Full_Disc_Encryption.html 
 
There are some agencies in DC looking into full disc encryption. The following are some reasons why full disc encryption is preferable. 
 
1) Encryption of temporary / swap is important as confidential data 
maybe revealed from these files in case of HDD theft. 
 
2) Quick Erase functionality as advertised by Seagate's FDE.2 drive 
provide immediate data destruction by replacing the AES key on the 
ASIC. This can save thousands of dollar the agency spends in proper 
destruction of the HDD. Once the encryption key is removed the HDD can be repurposed. 
See 
http://www.seagate.com/docs/pdf/marketing/po_momentus_5400_fde_bb.pdf 
 
3) user-proof. everything is encrypted if FDE is enabled. This the key. The employee who has sensitive data on his/her laptop should not have to decide which file/folders to encrypts. That decision must be made for them, which is to encrypt everything. No exceptions!!! 
 
4) pre-boot authentication using bio-metric or secure tokens or smart-cards. 
 
5) Hardware based Full Disc Encryption is fast, and creates minimum overhead, so the employee has NO excuse to NOT encrypt data..

Write Comment
  • Please keep the topic of messages relevant to the subject of the article.
  • Personal verbal attacks will be deleted.
  • Please don't use comments to plug your web site.. Such material will be removed.
Name:
Title:
Comment:

Code:* Code

Powered by AkoComment!
 
< Prev   Next >
    
Partner:

 
Latest Features
A Secure Nagios Server
Never Installed a Firewall on Ubuntu? Try Firestarter
Review: Hacking Exposed Linux, Third Edition
Security Features of Firefox 3.0
Review: The Book of Wireless
April 2008 Open Source Tool of the Month: sudo
Open Source Tool of March: ZoneMinder
Yesterday's Edition
Set Up a SSH-Based Point to Point Connection

QuickLinks: Comunity , HOWTOs , Blogs , Features , Book Reviews , Networking ,
  Security Projects ,   Latest News ,  Newsletters ,  SELinux ,  Privacy ,  Home,
 Hardening ,   About Us,   Advertise,   Legal Notice,   RSS,   Guardian Digital

(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.