full volume encryption

Specifying and supporting disk encryption

Encryption is at the top of the business agenda following a spate of embarrassing data breaches. How can you design and implement encryption systems to suit your customers’ needs without making life harder all round?

Online resources for whole disk and full volume encryption

Microsoft System Integrity Team blog: Protecting BitLocker from cold boot and direct memory access attacks
Ed Felten’s research team uncovered the cold boot attack, which can be used to recover encrypted information from RAM in the clear. This is Microsoft’s explanation of how to protect BitLocker users from the threat as an administrator, by enforcing PINs or USB tokens.
http://blogs.msdn.com/si_team/archive/2008/02/25/protecting-bitLocker-from-cold-attacks-and-other-threats.aspx

Configuring AD to backup BitLocker recovery keys
http://go.microsoft.com/fwlink/?LinkId=67438
BitLocker keys should be backed up so that they can be recovered in the event of a lost key or damaged storage media. This article explains how it’s done.

Download


Subscribe and get the magazine in the post before it's online

Subscribe and get access to all of the back issues

To read a sample eMagazine - March 2010

 
FREE SUBSCRIPTION!
Banner

IT EXPERT TOP TIP

If you're supporting en users who need to transfer files by FTP occasionally, explaining how to use FTP every time can get frustrating. Map an FTP site as a custom network location and they can do it through the familiar Explorer window. If you only have a couple of machines you can choose Tools >Map Network Drive… in Explorer and click the link 'Connect to a Web site that you can use to store your documents and pictures' to open a wizard that creates a network location. Select 'Choose a custom network location', type in the FTP address and fill in the user name and password. You can also create mapped drives and network places on the Environment tab of the user's Active Directory object - but if you have a lot of users to set up, put it in the logon script for the user profile under Active Directory Users and Computers.
If you're running into problems with Group Policy Objects, check this handy summary of the rules at http://support.microsoft.com/kb/555991/en-us. read more

TAKE THE POLL

Unified communications

Banner

The #1 Bestseller for Only 77p

RECENT COMMENTS