Ride the Lightning
Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.
YOUR MISSION, SHOULD YOU DECIDE TO ACCEPT IT . . .
September 16, 2008
Apologies for the brief hiatus. I have just returned to work after tending to the storybook wedding of one of my daughters. Though I feel as though I’ve been hit by a freight train, I’m back.
From the mailbag: A reader submitted a question about one of my recent posts concerning encrypting data on laptops. While we recommend whole disk encryption for laptops, he expressed the thought that folks would have a “warmer and fuzzier” feeling if the data was wiped after a number of incorrect passphrases were entered. This would be the modern day equivalent of the opening scene of Mission Impossible without the puff of smoke. To address this suggested improvement to the encryption process, I went to our team of computer forensics experts. Sorry, but nobody here knows of a product or implementation that provides whole disk encryption AND will automatically wipe the drive after a defined number of incorrect password guesses. This “self destruct” logic must be included as part of encryption implementation. There are many products that will perform this destruction for defined virtual encryption volumes and several flash drives (e.g. IronKey) that wipe the data contents after a number of incorrect passwords have been entered.
We still feel that you’re pretty darn safe if you encrypt with a good password without self destruction. If someone knows of a product that does whole disk encryption and self destructs, please e-mail me and I’ll pass the information along. In the meantime, we’ll keep our mobile data on our IronKey flash drives and use biometrics and whole disk encryption for our laptops.
Mr. Phelps, this post will self-destruct in five seconds. I miss those innocent days, when that opening MI scene really did seem high tech!
Listen to the Podcast
