+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 28
How do you do....it? Thread, Encryption of school data in Technical; I got another sales flier through the post for a product called deviceshield which appears to encrypts data transferred to ...
  1. #1

    Sylv3r's Avatar
    Join Date
    Jul 2005
    Location
    Co. Durham
    Posts
    3,197
    Thank Post
    370
    Thanked 374 Times in 332 Posts
    Rep Power
    147

    Encryption of school data

    I got another sales flier through the post for a product called deviceshield which appears to encrypts data transferred to a memory pen etc.

    It has a quote from Becta

    "... if your school does not have encryption now, you should stop all copying, removing or accessing protected data until you have software to encrypt files and protect the communication links accessing this data."

    The question is how many schools are encrypting data leaving school on teachers memory pens etc as we certainly are not. We have the SIMS webparts and have the necessary SSL certificate installed etc, but nothing locally is on our network to prevent this.

    Is this a realistic demand from Becta - when is the deadline to have this in place - now?

  2. #2
    pooley's Avatar
    Join Date
    Sep 2005
    Location
    S Wales
    Posts
    1,128
    Thank Post
    77
    Thanked 118 Times in 99 Posts
    Rep Power
    66
    We use truecrypt to encrypt all usb pens that are used within school. We are about to start encrypting laptops that will be used off site.

  3. #3
    DrPerceptron's Avatar
    Join Date
    Dec 2008
    Location
    In a house
    Posts
    911
    Thank Post
    34
    Thanked 133 Times in 113 Posts
    Rep Power
    40
    Last I read on it, BECTA's stuff were just good practice guidelines...

    I'd raise the question, if they have all the sims web parts... why do they need to take confidential info on a memory stick? (I've never seen the SLG let alone used it!)

  4. #4

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,922
    Thank Post
    1,332
    Thanked 1,774 Times in 1,101 Posts
    Blog Entries
    19
    Rep Power
    593
    Quote Originally Posted by DrPerceptron View Post
    Last I read on it, BECTA's stuff were just good practice guidelines...
    Yes, to help you fit into the way the ICO wants you to use and control data based on the latest interpretation of the law. It's like this ... if you do it then you aren't likely to get into trouble ... if you don't do it and something goes wrong you haven't covered yourself or the school. If you get told not to do it by someone further up due to time / staffing / costs then get it in writing and cover yourself.

    Technology is not the only part of the solution on this ... educating staff is just as important.

  5. #5

    Join Date
    Oct 2008
    Location
    Lincolnshire
    Posts
    2,154
    Thank Post
    12
    Thanked 224 Times in 214 Posts
    Rep Power
    66
    We are just in the process of rolling out Safeboot to all our laptops then it will be desktops. Seems to be a decent package and does the job for what we need.

  6. #6
    Butuz's Avatar
    Join Date
    Feb 2007
    Location
    Wales, UK
    Posts
    1,579
    Thank Post
    211
    Thanked 220 Times in 176 Posts
    Rep Power
    62
    Joy - we have to jump though hoops and spend £throusands to encrypt a few word documents containing little or no personal data that teachers may take off site - and all because the govmt' seem to have been intent on sending CD's full of our personal, private data through the postal service????

    Anvil to crack a nut anyone?

    Butuz

  7. #7

    russdev's Avatar
    Join Date
    Jun 2005
    Location
    Leicestershire
    Posts
    6,915
    Thank Post
    708
    Thanked 549 Times in 364 Posts
    Blog Entries
    3
    Rep Power
    204
    You don't need to spend loads of money on this technology is only part of the answer main thing is time..

    Also lot of LAs will mandate that you follow the guidance. In Leicestershire the financial audit team who have far reaching powers will be checking you are following the guidance.

    Russ

  8. #8


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by russdev View Post
    You don't need to spend £10000 on this technology is only part of the answer..
    I'm sure Capita are rushing to produce a security module to comply with becta's data handling requirements, and one way or another they will be passing the costs onto us.

    but for now Becta recommend truecrypt which will encrypt entire USB drives, or laptop hard drives. It's really easy to set up and becta even provide documentation:
    Truecrypt is opensource

    TrueCrypt - Free Open-Source On-The-Fly Disk Encryption Software for Windows Vista/XP, Mac OS X and Linux
    Becta Schools - Leadership and Management - Security - Data handling security guidance for schools

  9. #9

    Join Date
    Dec 2008
    Posts
    66
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Truecrypt is an excellent, stable product. I use a portable version on my USB to encrypt the data on it so I can access it from any PC. It's perfect for laptops too. Set up right it's as simple as typing in a password after you've booted up and an encrypted drive is mounted. You can save to it, back up to/from it, even defrag it.

    I think it's worth encrypting USB sticks since it's very hard to erase data from them. Even most commercial "evidence eraser" packages don't wipe data from USB sticks properly due to the level-wearing system they tend to use. So sensitive data can stay on them for ages.

  10. #10
    Butuz's Avatar
    Join Date
    Feb 2007
    Location
    Wales, UK
    Posts
    1,579
    Thank Post
    211
    Thanked 220 Times in 176 Posts
    Rep Power
    62
    Ok we learn something new every day that is what I like about this job!

    One question? As standard .exe files can not be run from USB memory sticks as standard - does this mean the encrypted memory sticks will not work?

    Cheers

    Butuz

  11. #11

    Join Date
    Dec 2008
    Posts
    66
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0
    You can set it up in different ways. I only have the portable TC executables on the stick itself because non many of the PCs I work on have it so I want to be able to access my data where I like. My admin rights allow me to run exe's from sticks OK.

    The standard way of using TC is to install it on your machine and then store either a "file container" or partition (or an entire device) on the device you wish the data to be held - be that the HD of the PC or a removable memory device. You then point TC at the file/partition/device and tell it to mount it.

    Does that actually answer your Q?

  12. #12
    WithoutMotive's Avatar
    Join Date
    Feb 2006
    Location
    Wigan, UK
    Posts
    618
    Thank Post
    41
    Thanked 45 Times in 39 Posts
    Rep Power
    27
    Someone asked me what good is it when whoever steals a USB drive can just delete the container file... I proceeded to tell them that the encryption process was to prevent access to the information, not to prevent it being deleted. Some people get a bit confused.

  13. #13

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,273
    Thank Post
    614
    Thanked 1,567 Times in 1,407 Posts
    Rep Power
    412
    One question? As standard .exe files can not be run from USB memory sticks as standard - does this mean the encrypted memory sticks will not work?
    As standard on what? I presume you are running a CC3 network?

    Ben

  14. #14
    mortstar's Avatar
    Join Date
    Jan 2007
    Location
    Oxford
    Posts
    341
    Thank Post
    12
    Thanked 29 Times in 18 Posts
    Rep Power
    21
    Quote Originally Posted by Sylv3r View Post
    I got another sales flier through the post for a product called deviceshield which appears to encrypts data transferred to a memory pen etc.

    It has a quote from Becta

    "... if your school does not have encryption now, you should stop all copying, removing or accessing protected data until you have software to encrypt files and protect the communication links accessing this data."

    The question is how many schools are encrypting data leaving school on teachers memory pens etc as we certainly are not. We have the SIMS webparts and have the necessary SSL certificate installed etc, but nothing locally is on our network to prevent this.

    Is this a realistic demand from Becta - when is the deadline to have this in place - now?
    A letter sent, form what apparently looks like the SSAT to all SSAT schools which is basically just pure marketing drivel. I think this is deplorable to be honest. They point the Heads at a Becta paper but not at the suggested Open Source solution, instead offering what I expect to be an overpriced piece of standard (read 'buggy as hell') educational piece of software.

    "you should stop all copying, removing or accessing protected data until you have software to encrypt files"...I'll just get my magic wand out and sort that out before the end of term, yeah?

  15. #15


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,619
    Thank Post
    275
    Thanked 777 Times in 604 Posts
    Rep Power
    223
    We've been receiving fear-mongering software offers for a while now. Notice to any advertisers listening in: I will not buy from you if you engage in this behaviour - FUD is not welcome.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Data Encryption Memory sticks
    By witch in forum Educational Software
    Replies: 44
    Last Post: 7th May 2009, 11:59 AM
  2. Replies: 4
    Last Post: 24th September 2008, 11:38 AM
  3. Data Manager - Birmingham School
    By GregNeumann in forum Educational IT Jobs
    Replies: 4
    Last Post: 15th May 2008, 08:20 PM
  4. Data encryption for servers
    By link470 in forum Windows
    Replies: 7
    Last Post: 6th February 2008, 05:48 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •