|
Posted by Bogwitch on February 15, 2007, 5:09 am
If you were Registered and logged in, you could reply and use other advanced thread options
Hi Peter,
PeterCupit wrote:
> I am attempting to create a set of bootable recovery DVD's for
> laptops. Everything works fine except that the laptops (when our
> system is complete) will be encrypted using Pointsec (unless we can go
> through a complex procedure to get exemption).
[snip]
You say that when your system is complete, the HDDs will be encrypted.
I'm not sure which of Pointsecs offerings you are using, so, does the
software allow you to encrypt the disk retrospectively? If that is the
case, it would be easy to take a snapshot of the drive prior to
encrypting it.
Also, please bear in mind that if you are using the SAME encrypted
image, the key material will be the same for all laptops. I assume that
you could assign different passwords to each of the laptops after the
HDD restore, but the actual KEY material will be the same, leaving your
systems slightly more vulnerable.
You say there is a complex procedure to get exemptions. This suggests
that there is a higher authority or Accreditor that you will need to
satisfy with your solution. It may well be worth checking if using the
same crypto key material is acceptable to them.
> I am wondering if it would be possible to create a small partition eg
> 4GB to store XP, and our application on, could this be used to reduce
> the size of the image?
As for the smaller partition, I don't know. You would have to refer to
the software manual to check. If it is possible, it will leave a very
large area of the HDD that is not encrypted. That is likely to be the
area where data is stored and more likely to need encryption.
> Also wondering if Pointsec is anything like PGP disk encryption where
Sorry, I've not touched PGP disk encryption.
Hope this helps,
Bogwitch.
| 
XML site map