[unisog] Encryption and key escrow.
John C. Gale
john_gale at uncg.edu
Fri May 2 17:16:16 GMT 2008
-----BEGIN PGP SIGNED MESSAGE-----
We have not currently implemented an Enterprise drive/container
encryption product. We'd like to get there, but until we can we are
considering telling savvy users to use something like truecrypt. The
user would be responsible for his own key and there would be no official
escrow. I am aware of the challenges (user forgets password, user is
hit by a bus, data is lost, etc), but there are instances (perhaps even
broadly) where encrypting a drive is a good idea even if key management
is left completely up to the user.
My question is anyone doing this unofficially or officially in their
organizations (not you personally) to fill specific needs? Is it
discouraged, ignored, encouraged or perhaps even supported for users in
Feel free to respond to me directly and I will summarize for the list.
After all, all he did was string together a lot of old, well-known
-- H. L. Mencken, on Shakespeare
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the unisog