Resources for Federal Information Security Management Act (FISMA)

Data Loss and Full Disk Encryption

www.informit.com

There's been a great deal of concern about data loss over the past year or so. The Office of Management and Budget (OMB) came out with a directive in Memo 06-16 requiring Full Disk Encryption for all mobile devices. Now there's a new vulnerability identified that shows the key can be retrieved from volatile memory, so devices that go into hibernation are also vulnerable. Randy Nash discusses the patterns of data loss, security policy, full disk vs. folder encryption (human error), the OMB 06-16 memo, and the new vulnerabilities related to volatile memory. When it comes to information security, unfortunately there is no "silver bullet." Instead we use layered security controls, each one compensating for a weakness in the other.

View the Resource

Share or bookmarklet this web page at: