×

Good News Everybody!

The new search engine is LIVE!

Please report any problems to david (at) midrange.com.



  1.  Home
  2. MIDRANGE-L
  3. November 2008

Re: How can I easily enable/disable remote access by User

Lukas Beeler wrote:
The correct way to go is to use full disk encryption with TPM and a
PIN (e.G. using Bitlocker), and use multi-factor authentication (e.G.
User, Password, RSA Key Fob) for all remote access.

I'm not convinced that the TPM (Trusted Platform Module) part adds a sufficient increase in security over non-TPM enabled full disk encryption to justify the cost, particularly in the case of laptops.

For one, is it really that much harder to steal the whole laptop that to just steal the disk? Correct me if I'm wrong, but I think TPM only provides extra security in the case of the attacker putting the disk in a different machine.

Secondly, in most security systems the weak point is the user. I'd say the money is better spent fostering a culture of security in your organization. It is much less risky to attempt some sort of social engineering attack to get at sensitive data than to go around stealing laptops.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.