On Fri, 11 Nov 2011, Chris Manly wrote:
Not that it helps in this instance, but I'd recommend considering a key escrow
policy up-front. There are disk encryption products that support a centralized
key escrow. I think we use PGP whole-disk encryption for laptops that carry
sensitive information here at Cornell.
Cornell's key escrow policy is published, here:
http://www.dfa.cornell.edu/cms/treasurer/policyoffice/policies/volumes/informationtech/upload/vol5_3.pdf
Indeed. The forethought was nice, but manageability is better.
_______________________________________________
Discuss mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
http://lopsa.org/
