The Reg has a nice piece about laptop theft. Laptops theft is fast becoming the easy way into the corporate networks. Here are a couple examples from earlier:
During a presentation at Infosec on Tuesday, penetration testing firm SecureTest explained how DIY hardware devices or software available for purchase from eBay might be used to reset or circumvent passwords set in a laptop’s BIOS. “If that fails you can always take the drive out and fit it with a USB connector,”
The article goes on to talk about implementing strong passwords which, while good, does not help if the laptop is stolen. There are many freely available tools that would make short work of passwords. In order to better survive the threat of a stolen laptop companies should utilize disk encryption. Avoid Microsoft EFS encryption at all costs! It creates unencrypted copies of the encrypted data that can be recovered by tools such as EnCase or FTK.
[tags]Encase, Laptops, FTK, Encryption[/tags]
Curious what your thinking is in choosing file/container level encyrption over full disk encryption. Have you considered open source offerings such as truecrypt.org?
Thanks for addressing in future blog entry.
I’m a huge fan of open source. It’s a very tough sale for my current industry client to stomach I’m afraid. I’ll write something up later this week. Thanks for the comment.