[unisog] Encryption and key escrow.

John C. Gale john_gale at uncg.edu
Fri May 2 17:16:16 GMT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We have not currently implemented an Enterprise drive/container
encryption product.  We'd like to get there, but until we can we are
considering telling savvy users to use something like truecrypt.  The
user would be responsible for his own key and there would be no official
escrow.  I am aware of the challenges (user forgets password, user is
hit by a bus, data is lost, etc), but there are instances (perhaps even
broadly) where encrypting a drive is a good idea even if key management
is left completely up to the user.

My question is anyone doing this unofficially or officially in their
organizations (not you personally) to fill specific needs?  Is it
discouraged, ignored, encouraged or perhaps even supported for users in
your organization?

Feel free to respond to me directly and I will summarize for the list.

Cheers

John

- --
After all, all he did was string together a lot of old, well-known
quotations.
                -- H. L. Mencken, on Shakespeare
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIG0xgu0CHnE2bx84RAhV6AJwIJdWgM9N3KG0S42UflS61yRPT4gCcCOjf
tT53/lDprhx9dh8hnijDX+4=
=bNED
-----END PGP SIGNATURE-----


More information about the unisog mailing list