| Art Alexion on 2 Oct 2008 08:07:46 -0700 |
|
On Thursday 02 October 2008 10:23:55 am Michael Leone wrote: > On Thu, Oct 2, 2008 at 10:15 AM, Jason Stelzer <jason.stelzer@gmail.com> wrote: > > On Thu, Oct 2, 2008 at 9:16 AM, Art Alexion <art.alexion@gmail.com> wrote: > >> I hadn't thought about it, but it's a good idea. We've had people break > >> LCDs and lose chargers, but have been lucky so far about losing the > >> laptop itself. We don't have much in terms of trade secrets, but some > >> people have a lot of HIPPA protected stuff. > >> > >> These are not technical users. Encryption suggestions that won't freak > >> them out? > > > > There are a bunch of ways to do this, but in this case you want > > something invisible to the user. I've been happily using pgp desktop > > on my mac since it was released. > > We use PGP Desktop here. The server runs on Linux, but you can encrypt > any filesystem (we're an all Windows shop), and it works fine and > transparently for us. I have it on my work laptop, and wouldn't even > know it's there, except for the PGP password I have to enter at boot > time. Knowing my users, I am considering two problems. First, it is a Linux laptop, either the standard Xandros, or eee-Ubuntu. I am wondering when and how they are going to be prompted for the key. I am guessing it has to be before X loads because X needs some files in $HOME, like .Xauthority, in order to load in the first place. As character mode freaks out some of our younger IT personnel, I don't even want to be around when one of our end users encounter it. Second involves the password itself. It can take up to a month to teach our users that their VPN password is different from their NT password, and that their UID and PWD are different on these shared laptops from their desktops. When the laptops come back, the UID/PWD is usually on a post-it on the wrist rest area of the keyboard. I can only assume that the encryption password will be stuck there as well. I really don't care about their data, and our only concern would be HIPPA. I really like this idea, and think our IT laptops should use it, but I don't have a lot of faith in our users, I fear it would be like spending a lot of money on a sturdy door and sophisticated lock, only to constantly find the door propped open with a brick or a trash can. Attachment:
signature.asc ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|