Home > Ask the Security Experts > Expert Archive: Information Security Threats Questions & Answers > Are encryption products better than self-destructing data?
Ask The Security Expert: Questions & Answers
EMAIL THIS

Are encryption products better than self-destructing data?

Ed Skoudis, past SearchSecurity.com expert EXPERT RESPONSE FROM: Ed Skoudis, past SearchSecurity.com expert

Pose a Question
Other Security Categories
Meet all Security Experts
Become an Expert for this site


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


>
QUESTION POSED ON: 28 March 2007
Your article on laptop encryption was interesting. How effective are "lost data deletion" technologies that delete protected files as soon as a stolen laptop accesses the Internet?

>
I am personally very uncomfortable with such technologies because they often go awry. Such tools can falsely trigger, preventing users from accessing data until it can be restored from a backup. At worst, though, the tool could destroy data that isn't backed up at all.

As a kid, I remember hearing the audio in the Mission: Impossible TV show with its urgent exhortation that, "This tape will self destruct in five seconds." While it may be a cool gimmick in a spy-vs.-spy TV show, self-destructing data can cause problems for large enterprises.

I much prefer solid encryption products that require a difficult-to-guess and difficult-to-crack passphrase, not just the user's operating system password. Better yet, I like to see encryption products that store the crypto keys on a separate token, such as a USB key fob, but still require a strong passphrase for decrypting the data.

More information:

  • Read Ed's previous article on laptop encryption.
  • Learn the right way to manage your encryption keys.


    • BROWSE BY TAG
    Enterprise Data Protection,   Disk Encryption and File Encryption,   Enterprise Data Governance,   Expert Archive: Information Security Threats,   Data Loss Prevention,   VIEW ALL TAGS

    Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



    RELATED CONTENT
    Disk Encryption and File Encryption
    Health Net healthcare data breach affects1.5 million
    Heartland CIO is critical of First Data's credit card tokenization plan
    Heartland CIO on end-to-end encryption, credit card tokenization
    Should developers create libraries of common cryptographic algorithms?
    What is an encryption collision?
    Heartland CIO on PCI, E3 project
    Visa probes tokens, encryption for PCI card data protection
    Voltage, RSA spar over tokenization, data protection
    Truth, lies and fiction about encryption
    What are new and commonly used public-key cryptography algorithms?

    Enterprise Data Governance
    How to protect distributed information flows
    Interpreting 'risk' in the Massachusetts data protection law
    Creating an enterprise data protection framework
    Analyst DLP study finds maturity, ranks top DLP vendors
    Voltage, RSA spar over tokenization, data protection
    Twitter gets condemned by CISOs at Forrester forum
    PCI DSS compliance requirements: Ensuring data integrity
    Trustwave acquires data loss prevention vendor Vericept
    Data has become too distributed to secure, Forrester says
    Cloud-based security services should start private

    Expert Archive: Information Security Threats
    The telltale signs of a network attack
    Will Google Chrome enhance overall browser security?
    Are there antivirus suites that pick up more than just run-of-the-mill viruses?
    What tools can a hacker use to crack a laptop password?
    Are social networking sites an easy target for malicious hackers?
    What are the dangers of cross-site request forgery attacks (CSRF)?
    Should social engineering tests be included in penetration testing?
    What kind of data is compromised during a Google hack?
    Best practices for using restriction policy whitelists
    Defining mobile device security concerns

    RELATED GLOSSARY TERMS
    Terms from Whatis.com − the technology online dictionary
    Advanced Encryption Standard  (SearchSecurity.com)
    data key  (SearchSecurity.com)
    Encrypting File System  (SearchSecurity.com)
    encryption  (SearchSecurity.com)
    Escrowed Encryption Standard  (SearchSecurity.com)
    network encryption  (SearchSecurity.com)
    output feedback  (SearchSecurity.com)
    Quiz: Cryptography  (SearchSecurity.com)
    Rijndael  (SearchSecurity.com)
    Twofish  (SearchSecurity.com)

    RELATED RESOURCES
    2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
    Search Bitpipe.com for the latest white papers and business webcasts
    Whatis.com, the online computer dictionary



    Search and Browse the Expert Answer Center
    Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
    Browse our Expert Advice



    Find Security Solutions for Your Business
    TechTarget Security Media
    Information Security View this month\\'s issue and subscribe today.
    Information Security Decisions Apply online for free conference admission.
    		SearchSecurity.com
    HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
    SEARCH :     Site Index Powered by: Search Powered by Google

    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Site Map




    All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts