Erick Engelke Director, Engineering Computing January 10, 2010


1 Erick Engelke
Director, Engineering Computing
erick@uwaterloo.ca
January 10, 2010

2 Policy 8 – Information Security
On servers we restrict logical access to data, physical access to hardware – data is relatively safe
Laptops (and desktops) often contain restricted information
Using boot CDs, one can easily read information on a stolen laptop
Data deletion at laptop surplus time

3 Host all data only on servers, like the GAP
Requires high-speed internet access
Read-only is more easily achieved
Read/Write access on Terminal Servers
Hosted Office (like GoogleDocs) would help
Data Encryption on laptops
Safeguard data against stolen or surplused laptops
BitLocker on some Windows
Commercial, pricey – limited to their features
Open source – TrueCrypt, DiskCryptor lacks some features

4 Key escrow is an arrangement in which keys to decrypt encrypted data are held in escrow
Under certain circumstances, an authorized third party may gain access to those keys
In our case, the laptop owner should also be able to recover a forgotten password

5 Vista and Windows 7 – upper level licenses
Not available on the Windows installed on most laptops
Upgrade laptops to Win7 Enterprise, replace existing OS, lose vendor features, driver mess
Key escrow requires laptops to join the domain first
Key escrow does not appear to work when off-site
Win 7 Ent. uses lots of disk space, bad for NetBooks

6 Open source, free
Supports all recent versions of Windows, Mac, Linux
Good encryption – CIA can't crack it yet
Options – encrypt disk drive, partition, logical volume, memory stick
GUI is a little messy
No key escrow
Weird licensing restrictions – cannot distribute modified source

7 Open source, free, modifiable
GNU license is very compatible with our needs
Supports all recent versions of Windows but NOT Mac, Linux
Good encryption
Options – partition, CD/DVD, memory stick
GUI is pretty nice, source is very nice
No key escrow

8 Added key escrow to TrueCrypt, DiskCryptor
32 bit / 64 bit code added to program
Uses IE and SSL to communicate with campus web server
PHP code there stores password in MySQL DB
User can use web to recover own password
Would benefit from PKI
Can be modified for our needs

9 Program errors
  o Number of DiskCryptor clients reduces this likelihood
  o BIOS can be a problem with any product
Key leakage at server
  o Would reduce security to present levels at worst
  o Can use public key if we want to remove decrypt key from server
Works with existing clients, but is it future-proof?
  o Is anything? We have had a good track record in EngComp
  o If we decide to switch, decrypt disk, then encrypt with new product: no risk, just time spent
  o Open source lets us upgrade on our timetable, avoid licensing driving us
  o Free to add functionality or remove annoying features
  o Source is available, expertise exists in the cloud, not just local
  o Buying Oracle doesn't mean we can use Win7 or IE8, every vendor is slow
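
Added example (not the EngComp code) of the option on slides 8 and 9: the PHP escrow endpoint seals each password to a public key, so the database and web server hold nothing that can decrypt it. Assumptions: PHP 7.2 or later with libsodium, in-memory SQLite standing in for the MySQL DB, and hypothetical table, function and sample names.

```php
<?php
// Added example. In-memory SQLite stands in for MySQL; all names are hypothetical.

// Generated once on an offline recovery machine; only the public half goes on the web server.
$recoveryKeypair = sodium_crypto_box_keypair();
$escrowPublicKey = sodium_crypto_box_publickey($recoveryKeypair);

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE escrow (userid TEXT, volume_id TEXT, sealed TEXT,
           PRIMARY KEY (userid, volume_id))');

// Web server: runs after the user has authenticated over SSL. It can seal but never open.
function escrow_store(PDO $db, string $publicKey, string $user, string $volume, string $password): void
{
    // Bind owner and volume into the sealed payload so rows cannot be swapped between users.
    $payload = json_encode(['u' => $user, 'v' => $volume, 'p' => $password], JSON_THROW_ON_ERROR);
    $sealed = base64_encode(sodium_crypto_box_seal($payload, $publicKey));
    $db->prepare('REPLACE INTO escrow (userid, volume_id, sealed) VALUES (?, ?, ?)')
       ->execute([$user, $volume, $sealed]);
}

// Recovery machine: the only place the private key exists.
function escrow_recover(PDO $db, string $keypair, string $user, string $volume): ?string
{
    $stmt = $db->prepare('SELECT sealed FROM escrow WHERE userid = ? AND volume_id = ?');
    $stmt->execute([$user, $volume]);
    $sealed = $stmt->fetchColumn();
    $raw = is_string($sealed) ? base64_decode($sealed, true) : false;
    if ($raw === false) {
        return null;                       // no record, or stored value is not base64
    }
    $plain = sodium_crypto_box_seal_open($raw, $keypair);
    if ($plain === false) {
        return null;                       // modified ciphertext or wrong key
    }
    $data = json_decode($plain, true, 4, JSON_THROW_ON_ERROR);
    $bound = hash_equals($user, (string) $data['u']) && hash_equals($volume, (string) $data['v']);
    return $bound ? (string) $data['p'] : null;
}

// Constructed sample values.
escrow_store($db, $escrowPublicKey, 'jdoe', 'LAPTOP-0001', 'constructed example passphrase');
escrow_store($db, $escrowPublicKey, 'asmith', 'LAPTOP-0002', 'another constructed passphrase');
var_dump(escrow_recover($db, $recoveryKeypair, 'jdoe', 'LAPTOP-0001'));

// An altered table: asmith's sealed value copied onto jdoe's row is rejected on recovery.
$db->exec("UPDATE escrow SET sealed = (SELECT sealed FROM escrow WHERE userid = 'asmith')
           WHERE userid = 'jdoe'");
var_dump(escrow_recover($db, $recoveryKeypair, 'jdoe', 'LAPTOP-0001'));
```

With the private key kept off the server, recovery is performed on the recovery machine rather than by the web application itself.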
