+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 26 of 26
Yorkshire & Humberside Grid for Learning (YHGfL) Thread, Data Encryption in Regional Broadband Consortiums (RBC); Yes has been for about 12 months (I am on the LA working party). Few things True Crypt is good ...
  1. #16

    russdev's Avatar
    Join Date
    Jun 2005
    Location
    Leicestershire
    Posts
    6,873
    Thank Post
    650
    Thanked 534 Times in 353 Posts
    Blog Entries
    3
    Rep Power
    200
    Yes has been for about 12 months (I am on the LA working party). Few things True Crypt is good for whole disk backup such as laptops.

    As a memory stick solution I think it is very complicated and staff would not use them. Hence why for memory sticks we are looking for better solution (hardware based encryption was idea until someone broke it so need to look into it bit more).

    But key issue here is finding a solution that works both on MACS and Windows.

    But anyway feel free to give me a buzz if want to discuss it more.

    Russ

  2. #17

    Join Date
    Oct 2008
    Location
    Lincolnshire
    Posts
    2,054
    Thank Post
    11
    Thanked 204 Times in 198 Posts
    Rep Power
    63
    We currently use McAffee Endpoint Encryption (Safeboot) if anyone has any queries, we were forced to use this (NHS agreement). It's good at its job and most of the problems have been solved.

    I would be interested in TrueCrypt (am I right in believing this is the free download one) for use on my netbook possibly.

  3. #18

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,493
    Thank Post
    1,184
    Thanked 745 Times in 647 Posts
    Rep Power
    228
    Quote Originally Posted by russdev View Post
    As a memory stick solution I think it is very complicated and staff would not use them.
    I think that's the area to spend money in - getting rid of the need for teachers and other staff to carry around external storage devices and laptops with locally-kept copies of files in the first place.

    --
    David Hicks

  4. #19

    john's Avatar
    Join Date
    Sep 2005
    Location
    London
    Posts
    10,439
    Thank Post
    1,468
    Thanked 1,035 Times in 908 Posts
    Rep Power
    299
    Quote Originally Posted by MatthewL View Post
    I would be interested in TrueCrypt (am I right in believing this is the free download one) for use on my netbook possibly.
    Yes it is the free one, I use it with good success

  5. #20
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,455
    Thank Post
    278
    Thanked 196 Times in 167 Posts
    Rep Power
    75
    Quote Originally Posted by dhicks View Post
    I think that's the area to spend money in - getting rid of the need for teachers and other staff to carry around external storage devices and laptops with locally-kept copies of files in the first place.
    I've wondered about that, when it was suggested that we should buy all teachers hardware-encrypted drives - I thought, hmm, a decent remote access system would be cheaper... I suspect that people are now so engrained in the use of pen drives that it would be an impossible battle to win, however sensible it is.

  6. #21
    ayoward's Avatar
    Join Date
    Apr 2009
    Location
    North Yorkshire
    Posts
    78
    Thank Post
    28
    Thanked 36 Times in 17 Posts
    Rep Power
    17
    Quote Originally Posted by enjay View Post
    I've wondered about that, when it was suggested that we should buy all teachers hardware-encrypted drives - I thought, hmm, a decent remote access system would be cheaper... I suspect that people are now so engrained in the use of pen drives that it would be an impossible battle to win, however sensible it is.
    Now it's interesting that you should say that. I have been having the exact same thoughts, and to that end, we are now going to be developing a low cost VPN solution that uses Cisco IPSEC VPN tunnelling secured by two factor authentication with a one time password. We already have a solution in place which is used by IT Technicians really and a few teachers which is secured by CRYPTOCard 2FA tokens, but when the tokens are 30 a pop, they will never be rolled out to the whole teaching staff in a school as you would be looking at a 3K outlay. So we are looking at SMS one time passwords, your mobile phone then becomes one facter and your memeorised PIN becomes the other factor in 2FA. My logic is if you have a secure tunnel into the school, the data will never need to leave school and you don't have to worry about encryption. If we get the security right, it could be rolled out to parents and even students for access to various bit of reporting and RDP to desktop for use of specialised software.

    Watch this space.

  7. #22

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    114
    the data will never need to leave school
    I'd still fully encrypt laptops, but that approach definitely has my sympathy and also because it helps with another risk i.e. the data might get backed up if it's still at the school.

    I work like that a lot and the issues for me (which may depend on how you configure it):

    * I'm exclusively on the Cisco VPN network i.e. it messes with the local routing tables so I can't send something to a printer on my local network.

    * Similarly I can't fire up a local browser to go check someting on the net (unless I'm RDPd into a box). For me this turns out to be quite a pain, so I often have Laptop-on-VPN and home PC-not-on-VPN going at the same time.

    * RDP works fine then just freezes sometimes... could be anything between me on contended 10Mb ISP link typically talking to a target on 100Mb. As ever, you do have to think about bandwidth and bottlenecks at various times and places.

  8. #23
    ayoward's Avatar
    Join Date
    Apr 2009
    Location
    North Yorkshire
    Posts
    78
    Thank Post
    28
    Thanked 36 Times in 17 Posts
    Rep Power
    17
    Quote Originally Posted by PiqueABoo View Post
    I work like that a lot and the issues for me (which may depend on how you configure it):

    * I'm exclusively on the Cisco VPN network i.e. it messes with the local routing tables so I can't send something to a printer on my local network.

    * Similarly I can't fire up a local browser to go check someting on the net (unless I'm RDPd into a box). For me this turns out to be quite a pain, so I often have Laptop-on-VPN and home PC-not-on-VPN going at the same time.
    What you need is split tunnelling. If you get it right, you should be able to do what ever you like on your local network and only the stuff that needs to will go down the VPN. What you would need to be careful of in that situation though is that you need to be sure that your local network is clean and patched so you can't inroduce something inadvertently to your VPN network. You will have the "Tunnel Everything" switched on on your VPN concentrator. Let me know if you need any pointers as to what you will need to change if you don't already know.

  9. #24

    SpuffMonkey's Avatar
    Join Date
    Jul 2005
    Posts
    2,192
    Thank Post
    52
    Thanked 270 Times in 178 Posts
    Rep Power
    131
    Quote Originally Posted by dhicks View Post
    I think that's the area to spend money in - getting rid of the need for teachers and other staff to carry around external storage devices and laptops with locally-kept copies of files in the first place.

    --
    David Hicks
    Yeah - we put in an outward facing Citrix solution - so that staff can work from home pretty much as if they were at their PC in school - which seems to work well - as they can do their reports etc when they feel like it and there are no problems with backups/incompatible software etc - the only probs are with people out in the sticks who can't get a relatively decent bb connection

  10. #25
    Marci's Avatar
    Join Date
    Jun 2008
    Location
    Wakefield, West Yorkshire
    Posts
    842
    Thank Post
    76
    Thanked 225 Times in 185 Posts
    Rep Power
    80
    Last time I looked at truecrypt, it required users to have administrative access to be able to work with encrypted content... has this changed of late?

    We've been using AxCrypt where required, which allows stuff to be encrypted using a key file which we host on internal server shares which are restricted departmentally. All staff then use either a central or departmental keyfile, to prevent "forgotten my key..." issues.

  11. #26
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,455
    Thank Post
    278
    Thanked 196 Times in 167 Posts
    Rep Power
    75
    Quote Originally Posted by Marci View Post
    Last time I looked at truecrypt, it required users to have administrative access to be able to work with encrypted content... has this changed of late?
    They either need to be admins or working on a PC with the drivers already installed, so if you put them on the PCs in school, they will be fine with restricted accounts. I think!

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. Implementing Data Encryption
    By enjay in forum How do you do....it?
    Replies: 1
    Last Post: 12th May 2009, 10:41 AM
  2. Encryption of school data
    By Sylv3r in forum How do you do....it?
    Replies: 27
    Last Post: 12th May 2009, 09:10 AM
  3. Data Encryption Memory sticks
    By witch in forum Educational Software
    Replies: 44
    Last Post: 7th May 2009, 11:59 AM
  4. Data encryption for servers
    By link470 in forum Windows
    Replies: 7
    Last Post: 6th February 2008, 05:48 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •