[Fed-Talk] Encryption
[Fed-Talk] Encryption
- Subject: [Fed-Talk] Encryption
- From: Alan Lesse <email@hidden>
- Date: Thu, 25 Feb 2016 10:50:50 -0500
I work at a VA Hospital and we have a grant to do some large data analysis and wanted to put some Macs on our network. Despite the fact that Yosemite has been approved (with constraints) on the most recent One-VA Technical Reference Model v16.2 (1/4/2016), and the CoreCrypto module is FIPS 140-2 certified (El Capitan is One TRM approved but the CryptoModule is still waiting I believe), I am told that since File Vault is not on the approved list of encryption programs, the laptop must be encrypted with an approved third party product.
My logic is that if the module and the OS are certified and File Vault is part of the OS, the program does not have to appear on the list to use it. Sticky notes, Calculator, and Paint are all part of the Windows environment that do not appear on lists of approved programs, but we are allowed to use those applications. I do realize that disk encryption should have a higher level of security then desktop apps, but I don’t understand why FileVault is not recognized if it’s part of the OS. I am told that I can request use at TRM.
Has anyone been able to use a Mac in the VA or other Federal environment with File Vault? My experience with third party disk encryption programs has not been stellar.
Alan Lesse
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden