Re: [Fed-Talk] Whole Disk Encryption?
Re: [Fed-Talk] Whole Disk Encryption?
- Subject: Re: [Fed-Talk] Whole Disk Encryption?
- From: "Nichols, Jared - 1160 - MITLL" <email@hidden>
- Date: Fri, 22 Jan 2010 07:42:40 -0500
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] Whole Disk Encryption?
Time Caspsules are not supported with SecureDoc. I'm not sure exactly what
the issue is, but it's in their release notes of the latest version.
j
On 1/22/10 12:52 AM, "Wm. Cerniuk" <email@hidden> wrote:
> A full restore, or any user account restore, or any object (file, data record)
> level restore?
>
> If a disk driver (encryption system or not) has negative impact with the file
> IO system, it is a red flag (danger Will Robinson). Whole disk encryption
> should be completely transparent to any and all applications and the file
> sub-system. It is nothing more than a mass storage driver presenting the
> standard block IO storage command-responses.
>
> V/R,
> Wm. Cerniuk
>
> Ph: 703.594.7616
>
>
> On Jan 21, 2010, at 6:56 PM, Robert Nicholson wrote:
>
>> I think I heard from WinMagic that Time Machine restores are not supported
>> with SecureDoc
>>
>> On Jan 21, 2010, at 7:46 AM, Nichols, Jared - 1160 - MITLL wrote:
>>
>>> We use SecureDoc and it works pretty well. The only issue, which is I think
>>> inherent of all full disk encryption products, is that when something goes
>>> wrong, it only goes wrong very badly.
>>>
>>> We work very closely with SecureDoc and making sure that the latest Apple
>>> hardware and OS is supported by their product. (The first Unibody MBP threw
>>> them for a loop with the new grphics card.) The only hangup is that when
>>> there's a new OS point release, if the SecureDoc product doesn't yet support
>>> it and the user updates their machines, they'll brick it.
>>>
>>> I know, big problem.
>>>
>>> We get around this by putting machines with SecureDoc in a separate upgrade
>>> cycle so that they do not get forced OS updates. We pay much more attention
>>> to these machines to ensure that the updated SecureDoc that supports the new
>>> point release is pushed to machines first, and then we'll enable the updated
>>> OS for them.
>>>
>>> One major down-side is that if you're going from say 10.5 to 10.6, you need
>>> to do a full decrypt, upgrade to 10.6, then a full re-encrypt. Long
>>> process.
>>>
>>> j
>>>
>>>
>>> On 1/20/10 8:24 PM, "Robert Nicholson" <email@hidden> wrote:
>>>
>>>> Is there any opinion on experiences from SecureDoc WDE and PGP WDE? PGP WDE
>>>> has 10.x which now supports Snow Leopard but SecureDoc already supports
>>>> Snow
>>>> Leopard. PGP WDE seems to be considerably easier to buy than SecureDoc from
>>>> what I can tell and I like that PGP has a support forum that's active. I've
>>>> seen PGP WDE work reliably in Leopard but have no experience with it in
>>>> Snow
>>>> Leopard. Has anybody been able to find out how much SecureDoc for Snow
>>>> Leopard
>>>> actually costs? Personally I hate the whole reseller model it's so out of
>>>> date. _______________________________________________
>>>> Do not post admin requests to the list. They will be ignored.
>>>> Fed-talk mailing list (email@hidden)
>>>> Help/Unsubscribe/Update your Subscription:
>>>>
>>>> This email sent to email@hidden
>>>
>>> ---
>>> Jared F. Nichols
>>> Desktop Engineer, Client Services
>>> Information Services Department
>>> MIT Lincoln Laboratory
>>> 244 Wood Street
>>> Lexington, Massachusetts 02420
>>> 781.981.5436
>>>
>>>
>>
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Fed-talk mailing list (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
>
---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden