Home > Ask the Security Experts > SearchSecurity.com's Expert Archive Questions & Answers > Are encryption products better than self-destructing data?
Ask The Security Expert: Questions & Answers
EMAIL THIS

Are encryption products better than self-destructing data?

Ed Skoudis EXPERT RESPONSE FROM: Ed Skoudis

Pose a Question
Other Security Categories
Meet all Security Experts
Become an Expert for this site


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


>
QUESTION POSED ON: 28 March 2007
Your article on laptop encryption was interesting. How effective are "lost data deletion" technologies that delete protected files as soon as a stolen laptop accesses the Internet?

>
EXPERT RESPONSE
I am personally very uncomfortable with such technologies because they often go awry. Such tools can falsely trigger, preventing users from accessing data until it can be restored from a backup. At worst, though, the tool could destroy data that isn't backed up at all.

As a kid, I remember hearing the audio in the Mission: Impossible TV show with its urgent exhortation that, "This tape will self destruct in five seconds." While it may be a cool gimmick in a spy-vs.-spy TV show, self-destructing data can cause problems for large enterprises.

I much prefer solid encryption products that require a difficult-to-guess and difficult-to-crack passphrase, not just the user's operating system password. Better yet, I like to see encryption products that store the crypto keys on a separate token, such as a USB key fob, but still require a strong passphrase for decrypting the data.

More information:

  • Read Ed's previous article on laptop encryption.
  • Learn the right way to manage your encryption keys.


    • Sound Off! -   Be the first to post a message to Sound Off!


    Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


    RELATED CONTENT
    Data Backup
    Should whole disk encryption products be used with data backup software?
    Will one failed drive corrupt the rest of a RAID-5 array?
    The Craft of System Security
    Can confidential data be accessed once it is deleted for free space?
    Examining DoD-level secure erasure guidelines
    What is the relationship between open port range and overall security risk?
    Compliance, data breaches heighten database security needs
    What is a logic bomb?
    What should be done with a RAID-5 array's failed drives?
    Database authentication, encryption getting priority in some businesses

    Disk Encryption and File Encryption
    Growing Mac use prompts call for better security
    Websense, Reconnex top Forrester ranking of DLP vendors
    Embedded Security Safeguards Laptops
    Should whole disk encryption products be used with data backup software?
    Does FTPS encrypt data packets at the hardware or software level?
    Should disks be encrypted at the hardware level?
    Is Triple DES a more secure encryption scheme than DUKPT?
    Windows BitLocker: Enabling disk encryption for data protection
    NAC, disk encryption gaining attention, survey shows
    Symantec fills gap with whole disk storage encryption

    Enterprise Data Protection
    Unified communications trigger data leakage dangers, survey finds
    Easing e-discovery preparation by mapping enterprise data
    Quiz:: E-discovery and security in the enterprise
    Growing Mac use prompts call for better security
    Web 2.0 and e-discovery: Risks and countermeasures
    Screencast: Recovering lost data with WinHex
    Countermeasures against targeted attacks in the enterprise
    Websense, Reconnex top Forrester ranking of DLP vendors
    Are open recursive DNS servers inherently insecure?
    Penetration testing: Helping your compliance efforts

    RELATED GLOSSARY TERMS
    Terms from Whatis.com − the technology online dictionary
    Advanced Encryption Standard  (SearchSecurity.com)
    data key  (SearchSecurity.com)
    Encrypting File System  (SearchSecurity.com)
    Escrowed Encryption Standard  (SearchSecurity.com)
    International Data Encryption Algorithm  (SearchSecurity.com)
    network encryption  (SearchSecurity.com)
    output feedback  (SearchSecurity.com)
    quantum cryptography  (SearchSecurity.com)
    Quiz: Cryptography  (SearchSecurity.com)
    Rijndael  (SearchSecurity.com)

    RELATED RESOURCES
    2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
    Search Bitpipe.com for the latest white papers and business webcasts
    Whatis.com, the online computer dictionary



    Search and Browse the Expert Answer Center
    Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
    Browse our Expert Advice

    TechTarget Security Media
    Information Security View this month\\'s issue and subscribe today.
    Information Security Decisions Apply online for free conference admission.
    		SearchSecurity.com
    HomeNewsMagazineWebcastsWhite PapersLearningAdviceTopicsEventsAbout Us
    SEARCH :     Advanced Search | Site Index Powered by: Search Powered by Google

    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




    All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts