I am wondering whether data encryption has appeared on any of your radars yet? I am aware that disk and data encryption are starting to become a requirement for local authorities and schools, but I am wondering just how much thought is being given to it.
We have been asked by the members of the YHGfL Network Group to get an indicative price from Sophos for their encryption software SafeGuard Device Encryption coupled with Safeguard Management Centre and Safeguard Data Exchange to see if we can get a deal similar to the one we got for the Sophos AV stuff. I am curious however as to how many of our regions schools would be interested in such a deal. There is no point in us buying a load of licenses, even if it is at a fantastic deal if then none of the schools are bothered aboout buying it.
Let me know if there is any appetite in your school. We are probably talking around £20 per license (perpetual) with £5 maintenance per annum for updates. Obviously the more schools that sign up, the cheaper this could get.
We are using Windows Bitlocker now on all laptops.
It works great. We purchased a load of USB keys and customised them with the school logo etc etc and now all the laptops have been rebuilt and encrypted. The member of staff just simply inserts the USB key on boot and then removes it and the laptop boots.
We had to change the local group policy to allow bitlocker to use a USB key rather than look for a TPM chip each time but if a laptop has TPM obviously we use that.
You can only use Bitlocker on Windows Vista Enterprise/Ultimate and Windows 7 Enterprise/Ultimate. We have a large Microsoft Schools Agreement so we could have Enterprise Editions.
Hope this helps
I wouldn't trust Sophos with my data encryption, it seems in my experience to be missing viruses again at work or being slow on detection, so would be concerned about having that, plus its more eggs in one basket. I am using and rolling out Truecrypt to all my staff Laptops, nearly done them all now, and its working great.
Encryption is certainly on my radar. I've had to implement it on around 100 laptops, both PCs and Macs. A Government agency paid. Trucrypt was a no-go for them - as it wasn't on "the list" of approved products. Only PGP Enterprise fitted our cross platform needs that met with their requirements.
Having a central keyserver with the ability to issue recovery tokens for when they forget them is cool! Integrates with a AD, eDir, LDAP too.
TrueCrypt - Free Open-Source On-The-Fly Disk Encryption Software for Windows 7/Vista/XP, Mac OS X and Linux
TrueCrypt's Wikipedia page is good for a quick summary, and the "see also" section is probably a good place to start looking for other similar systems (both free and paid-for, like PGP as mentioned above) for comparison:
[ame=http://en.wikipedia.org/wiki/TrueCrypt]TrueCrypt - Wikipedia, the free encyclopedia[/ame]
Last edited by dhicks; 22nd January 2010 at 12:16 AM.
Well it used the word: "Management".What does that do that, say, TruCrypt doesn't?
With TrueCrypt you have to be very organised e.g. keep initial recovery ISOs to ensure IT folk can get access to some encrypted drive after the user has changed the password to suit themselves etc. One assumes these products help with that side of things.
Management was the big issue for us.
Having a multi-platform solution where the same individual users' credentials can be used for multiple machines - including a hardware token that I can use to gain access to locked drives.
It's really the way to doing the job properly when you can't trust people to remember the same number of different passwords that you do.
It has already saved our bacon when a laptop was left at an airport.
Feel free to contact me about the issues with data encryption in a mixed platform environment. I don't run a standard ship (no Windows servers for example), and management gave us 8 days to implement a solution.
Licensed per site, or per client?Let me know if there is any appetite in your school. We are probably talking around £20 per license (perpetual) with £5 maintenance per annum for updates. Obviously the more schools that sign up, the cheaper this could get.
Per client I think.
Might be interested for our laptops - we already encrypt them but I'm not overwhelmed by the software we use.
There are currently 1 users browsing this thread. (0 members and 1 guests)