Interview with Dan Timmins
December 2007
Interviewee: Dan Timmins, President, NCI
Subject: Enterprise-wide Hard Drive Encryption
Question: Briefly, what is hard drive encryption?
Timmins: Hard drive encryption usually refers to the encryption of data stored on a local hard drive. The two most common forms of hard drive encryption are file encryption and full disk encryption. With file encryption, only a portion of the drive or a specific directory is encrypted, while with full disk encryption, the entire drive is encrypted. Full disk encryption is definitely the preferred method.
Question: As encryption is increasingly becoming common for notebook computers, are organizations deploying encryption enterprise-wide?
Timmins: Yes – however, most organizations are still focusing on mobile computers due to the reason that they are most likely to be lost or stolen. Other organizations are deploying enterprise-wide to protect against theft or return off-lease equipment.
Question: How would an organization approach deploying encryption across the enterprise?
Timmins: How an organization deploys encryption across the enterprise really depends on the complexity of the solution, how many end points are affected, the organization's support capability, who is conducting the deployment and what type of tools the organization has available. Typically, tools such as SMS can be used to install packages across the enterprise, and based on the complexity, the organization can take a phased approach to determine how many end points will receive the packages and training before the next phase begins.
Question: What are the considerations regarding remote employees?
Timmins: The most common fear is what happens if a password is forgotten - will the employee be able to log in? Most encryption solutions have built-in backup systems to support, recover or reset passwords remotely.
Question: How does an organization deal with contractors and suppliers that have remote access?
Timmins: Contractors' and suppliers' remote access should be first limited to only what they need, logged and monitored, and have an access time limit which is automated – however, if they have access to sensitive information they should sign an NDA and an agreement to protect the information they are entitled to see.
Question: What are the considerations when working with removable media?
Timmins: A key consideration is for an organization to identify a corporate standard for removable media – i.e. a certain manufacturer of thumb drives. You can force encryption to removable media; however, it is also important that the users have the ability to still utilize the functionality – i.e. can they copy information and work from home (although the device is still encrypted during transit).
Question: Would an organization encrypt back-office application and database servers that have a high level of physical security?
Timmins: The industry does not appear to be ready at this point to fully embrace the encryption of business critical databases; however, we have definitely observed more interest in encrypting emails and attachments. The identification of the right email encryption solution tends to be difficult because of the array of variables and lack of a clear solution leader in the field.
Question: Are there performance issues on devices that are encrypted?
Timmins: Generally the overhead is fairly low at 1-3%.
Question: When a computer with encrypted data has been lost or stolen, is the data itself recoverable?
Timmins: If the computer's encrypted data has been backed up then it can be recovered. Another good question would be, is encrypted data recoverable if the hard drive fails? Recovering data from a damaged drive can be accomplished with special tools and techniques known by the manufacturer and forensic partners.
Question: What is required from employees using encrypted computers? Do they need to be trained? Do employees resist the implementation?
Timmins: If a large number of end points are being encrypted then it is recommended to reduce the complexity for the end user. This normally means adopting an Encryption By-Pass option which takes a user directly to the operating system login screen, by-passing the encryption login screen. In this scenario little to no training is required and very few support calls will be experienced. We find that most employees today recognize that security is an important part of any organization. If the login methods become more complex or if additional features such as removable media are added then supplementary training will be required at some level.
Question: In closing, how does NCI help organizations interested in hard drive encryption?
Timmins: Whether an organization is simply protecting its data or trying to meet compliancy requirements, NCI has the knowledge and experience to help. NCI is an end-to-end solutions company that focuses on what’s best for the customer – we do that by listening to their needs and crafting intelligent solutions that are cost effective. We understand that every business is different so we design the best possible solution specific to the customer's unique requirements. NCI, being a leader in security and networking, can also combine an encryption solution with several other initiatives such as: anti-virus, NAC (network access control), multi-factor authentication, integrity checking, and personal firewalls. We partner with the best manufacturers and market leaders in the space and because we’re fully certified we make all deployments seem effortless.
For More Information
To learn more about NCI visit www.nci.ca
sales@nci.ca
905.607.9777