Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Your laptop encryption project: How to avoid the fatal errors
From: The SANS Institute (sanssans.org)
Date: Thu Feb 15 2007 - 11:05:17 CST
To: Security Express
From: Alan Paller, Director of Research, SANS Institute
Subject: Your laptop encryption project: How to avoid the fatal errors
Our research shows more than 6,000 organizations with laptop (and other
mobile data) encryption projects underway or about to start. They are
rightfully worried about how to avoid turning laptops into bricks and
blocking productivity, about how to buy software that actually works and
roll out encryption across hundreds or thousands of machines, and about
a myriad of other challenges they don't yet know of. About 250 of them
will gather in San Jose this April to meet with 25 users from large and
small organizations who have gone through the process and are willing
to tell what works and what went wrong. If you are just getting started
on broad-based laptop encryption, please consider this your invitation
to join them in San Jose, April 23-25, at the SANS Mobile Encryption
Summit 2007. (http://www.sans.org/info/3406)
Why Are They Getting Together?
Last year's front page news was full of data breaches, stolen laptops,
and lost data. Today this kind of news is being accompanied by articles
about restitution to victims and crackdowns by the FTC on companies with
lax security practices in place. No company wants to see its name in any
of these headlines. No CEO, board member, or top government official
wants to see his or her organization cited in either kind of article.
The SANS Mobile Encryption Summit is an in-depth, user-to-user program
focusing on lessons learned, mistakes to avoid, and technologies and
processes that work in protecting sensitive data on laptops and
desktops. The Summit is an interactive program with ample opportunity
to get your questions answered by those who have already fought the
wars. You will leave the Summit with concrete, actionable information
you can deploy as soon as you return to work and a short list of
products that other users have found to be effective.
How Good Is The Program?
Last year's Encryption Summit was over-subscribed with more than 230
delegates, and those delegates said it was just what they needed to move
ahead confidently with their laptop encryption projects. Here's what
some of those attendees said about the Summit:
"'Lessons Learned' is a great format. I've got a list of things to
watch out for that would have taken me a long while to pull together
on my own." - Jeff Modin, Cooper Hospital
"This was my first SANS Summit, and I definitely will attend more. Now
I can go back with better knowledge of mobile data security, vendors
(that's key for us), and what to do when looking for the correct tool
to use to protect confidential/business data." - El Dimayuvga, Honda R&D
"Great forum that gets several speakers in quick bursts and allows
plenty of interaction with quick and plentiful Q&As." - Aaron Smith,
One of the reasons attendees value SANS Summits is the opportunity to
hear real stories from those who have fought the wars. Gord Taylor from
the Royal Bank of Canada says, "It's all about making peer contacts and
learning from them about real problems, real obstacles, and real
What Will You Learn?
1. The problems encryption solves and the ones it doesn't.
2. Which vendors to put on your short list for laptop encryption.
3. Critical mistakes other companies and agencies made in deploying
encryption - particularly how they accidentally turned people's
computers into bricks.
4. How to make sure data on laptops and other mobile devices cannot be used by thieves.
5. What to include in your procurement documents to be sure the
encryption vendor delivers what you need.
6. What encryption is built into Windows XP and Windows VISTA and their
strengths and weaknesses.
7. How encryption is being built into disks that will be coming with
your laptops and whether or not you still may need an enterprise
encryption management solution.
8. Common problems and how to avoid them.
9. Surprises faced by others who have gone before you.
Here's more from people who attended the last Summit:
"Wonderful information and recommendations. I will definitely use Dr.
Cole's 'Top 10' when choosing an encryption solution." - Dana
DesPlanques, Fort Lewis College
"This Summit provided a concise but well rounded perspective of
encryption topics from vendors as well as companies in the private
sector and government." - Richard Enyart, FedEX
Last year's Encryption Summit was sold out, so please register early if
you want a seat. If you register and pay by March 14, you'll receive a
Complete event and registration information is posted at
If you have a great (or terrible) experience in implementing mobile
encryption and might like to share your experiences at the Summit,
please e-mail me at pallersans.org. That's also the e-mail to use if
you have any questions. I would be happy to answer them.
Director of Research
SANS is pleased to announce our new Training and Events Calendar - an
easy way to see what opportunities are available to you during the
coming month! The current calendars are now available for download from
To change your subscription, address, or other information, visit
http://portal.sans.org. If you wish to have your name removed from our
mailing list, visit the site above, click on "update your account" and
check the box "Do not send any email."