• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

USB Encryption

C

creative-2008

Weaksauce
Joined
Dec 23, 2008
Messages
100
In my organisation we need to access to data outside of work hours. If we were to go down the route of USB sticks, is this an acceptable solution?

Windows Bitlocker to encrypt
Agreed standard for passwords
Database of USB sticks and serial numbers recorded

In the long term, we're hoping to achieve an encrypted connection between laptops and our server, but that seems a long way off. I realise that one of the implications with Bitlocker is comparability, but were only talking about a handful of users, who all seem to have Windows 7 or later.
 
we use gfi-endpointsecurity. it encrypts/monitors/logs what data is RW to usb drives.
 
Instead of using passwords for bitlocker, couldn't you use your AD user certificate? I assume you are using windows network and have a windows certificate server.

Personnaly I have not done this but curious if this is possible?
 
Thanks for informing me about that software. My understanding from their website and your post is that one of the main advantages is that it monitors and logs what data is written to the USB. In our environment, that wouldn't be especially pertinent, because we're a public sector organisation, and wouldn't have any information that would be useful to competitors etc.

I've not heard that Bitlocker can be used in this way, and as users would be using the USB at home on personal laptops, I'm not sure that it would be particularly useful to us at this time. It does however sound interesting, and is something that I will be reading up on.

After a bit more reading into Bitlocker, it seems that it's only included in the most expensive versions of each Windows OS. So this is likely to rule out a number of staff.

I have now read a bit more intoLaCie Private and Public, which appears to be compatible with both Windows and Mac. This doesn't require installing and boasts 256 bit AES encryption.

Does anyone have any thoughts about whether this is a) practical, and b) secure enough for protecting confidential information.

I see a few weak points in the chain. Users writing their passwords down, not choosing strong enough passwords, or leaving the memory stick unlocked in a public place.

Edit:

I've just discovered that some USB sticks come with hardware based encryption, which means that they are wiped after 10 incorrect attempts, and significantly limits the chance of brute force attacks. They're coming in at a little more money, but are they worth the extra?

I have been looking at this Kingston drive, and have read up on it (a little) here.
 
Last edited:
As an Amazon Associate, HardForum may earn from qualifying purchases.
You must log in or register to reply here.
Back
Top