Open Source and Free Disk Encryption Options - PowerPoint PPT Presentation

1 / 18
About This Presentation
Title:

Open Source and Free Disk Encryption Options

Description:

FREE Compusec. Freeware, but not Open Source. ... Having free full disk encryption options are great, but they may cost more money ... – PowerPoint PPT presentation

Number of Views:146
Avg rating:3.0/5.0
Slides: 19
Provided by: cla49
Category:

less

Transcript and Presenter's Notes

Title: Open Source and Free Disk Encryption Options


1
Open Source and Free Disk Encryption Options
  • Clay Calvert
  • Director of IT Security
  • University of Mary Washington

2
Advantages of Open Source
  • Many eyeballs have looked through source code.
  • More people looking for vulnerabilities
  • A wider range of expertise can be drawn upon
  • Application can be very efficient at what it
    does.
  • Can modify and recompile
  • Features can be added or taken away

3
Advantages of Open Source, cont.
  • Easier to port to different operating systems
  • Note I didn't say "Easy", just easier
  • And of course, price.
  • How about that budget?!
  • If there is no budget, then open source, or
    freeware, may be the only option.

4
Disadvantages of Open Source Disk Encryption
  • Does not scale well
  • No enterprise administration tools
  • Often only one password. User mode and admin
    mode may be one in the same.
  • Usually no audit functionality

5
Disadvantages of Open Source Disk Encryption,
continued
  • How to reset lost passwords?
  • What if user gets hit on the head?
  • What if machine needs to be imaged?
  • What stops users from decrypting the drive?

6
Disadvantages of Open Source Disk Encryption,
continued 2
  • No hooks for account passwords or screensavers
  • Commercial products can pass through windows
    login credentials. Users dont have to login
    twice.
  • Some products will force a screensaver password
    even if user password is blank
  • Total Cost of Ownership can be higher with open
    source. Did I just sound like Bill Gates?

7
TrueCrypt
  • One of the most respected open source security
    tools out there today.
  • Runs on Mac, Linux as well as Windows, but only
    Windows has full disk encryption
  • Fast. Reviews Ive seen show it as the fastest
    disk encryption utility, including commercial
    products. Believe it, or not, some of the
    reviews say it runs faster then unencrypted
    drives. This is because of pipelining.

8
TrueCrypt Disk Encryption
  • Installs without modifying any partitions.
  • 16-bit encryption software loads entirely into
    normally unused first cylinder of drive.
  • Once Windows starts to load then 16-bit driver
    hands off to 32-bit, or 64-bit, driver.
  • Entire partition gets encrypted.

9
TrueCrypts Preboot Authentication Screen (Pardon
the black on black)
10
TrueCrypt and Single Password
  • Launch Truecypt format /n to not be forced to
    burn recovery CD-ROM.
  • Encrypt drive using password known by system
    administrators.
  • Store .ISO (tiny, less than 2MB) for systems
    admins to use later, if necessary
  • Have user change password
  • Now burn a CD-ROM and give disk to user

11
TrueCrypt Password Recovery
  • If user forgets password, and is local, or if for
    any reason the drive needs to be accessed
  • Burn applicable stored .ISO to CD
  • Boot from that CD, enter original password
  • Restore the original data to first cylinder
  • Recover data and/or have user change password
  • If the latter, burn a new CD.
  • If user is on travel Sorry Charlie

12
How UMW is using TrueCrypt
  • UMW has some Utimaco licenses which it uses in
    most cases.
  • TrueCrypt was originally used by Vista users
    because Utimaco did not cover that OS.
  • Users that are tech savvy, and use their machines
    often, are good candidates for TrueCrypt.
  • Only had one trouble issue, which was resolved by
    a registry file fix.

13
FREE Compusec
  • Freeware, but not Open Source.
  • The business model is to get people to buy their
    management software.
  • After dozens of installations, management would
    become onerous without additional software
  • Not just because of this product. All Disk
    Encryption utilities fall under the same umbrella
  • Does have more features then TrueCrypt
  • Installs quite a few components

14
FREE Compusec Components
15
FREE Compusecs Multiple Accounts
  • FREE Compusec has more management features.
  • There are multiple accounts
  • Admin passwords
  • User passwords
  • Oops, I forgot my password
  • Ultimately, it is easier to manage with the
    software

16
FREE Compusecs Pre-Boot Screen
17
Open Source and Freeware Disk Encryption Options,
conclusion
  • Having free full disk encryption options are
    great, but they may cost more money in the long
    run for an enterprise deployment
  • For select cases, however, they are good
    alternatives especially if you dont have two
    pennies to rub together.

18
Questions?Comments?
Curtis McNay cmcnay_at_gmu.edu
703-993-4183 Clay Calvert
ccalvert_at_umw.edu 540-286-8122
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Open Source and Free Disk Encryption Options" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!