Mobile Device Encryption
Chris Edwards IT Services
Mobile Device Encryption Policy
“All confidential data must be encrypted where stored on a mobile device”
What do we mean by “encrypted”?
Password Protected: trivially bypassed
Encrypted: protects data if lost / stolen
Can we avoid encrypting?
Could maybe:
- avoid storing confidential data on the laptop
- work completely “across the network”
But often convenient to store locally anyway
Also:
- data cached on device
- temporary folders
In practice, virtually all laptops contain confidential data.
What type of encryption tool?
Folder encryption – save confidential data in a special encrypted folder
- need to remember to do this
- one day will forget
- and this still doesn’t encrypt:
  - data cached on device
  - temporary folders
Full disk encryption (FDE)
- encrypts everything
- hence much safer!
Full Disk Encryption
- Encrypts everything
- Fast
- Transparent
- Native on common OS platforms
- Can be enabled without reinstall
Full Disk Encryption
- Windows: BitLocker
- macOS: FileVault
- Linux: LUKS
Standard Staff Desktop (SSD)
BitLocker default-on in SSD (enabled at build time)
Other Laptops
Needs to be organised in your:
- College
- School
- Research Institute
- University Service
Other Laptops
Users should be asked to bring University-owned laptops to their Local IT Support so that Full Disk Encryption can be configured.
Recovery Keys
- Data stored on laptops should exist elsewhere
- Hard drive could suffer physical failure!
- Might forget the encryption password
- Prudent to keep a recovery key - somewhere safe
- BitLocker also requires key for certain hardware changes
- For SSD, ITS holds recovery keys in campus AD
- For non-SSD, local IT teams will want to organise their own repository
  - Keep recovery keys as part of School IT asset register
  - AD
  - Create a school “recovery agent” certificate
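One way a local IT team could check these points on a Windows laptop, as an added PowerShell example that is not part of the original slides: it reports whether the system drive is fully encrypted with BitLocker and whether a TPM is ready, makes sure a recovery password exists, and backs it up to Active Directory. It assumes a domain-joined machine, an elevated session, and Group Policy that allows BitLocker recovery information to be stored in AD DS.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the slides). Assumes a domain-joined Windows laptop and
# Group Policy that permits storing BitLocker recovery information in AD DS.

$mount = $env:SystemDrive                      # normally C:
$vol   = Get-BitLockerVolume -MountPoint $mount

# Protected only when encryption has finished AND protection is switched on.
$encrypted = ($vol.VolumeStatus -eq 'FullyEncrypted') -and
             ($vol.ProtectionStatus -eq 'On')

# Consumer-grade laptops may lack a TPM: report it rather than assume.
$tpm      = Get-Tpm
$tpmReady = $tpm.TpmPresent -and $tpm.TpmReady

# In BitLocker terms the "recovery key" is a RecoveryPassword key protector.
function Get-RecoveryProtector {
    @((Get-BitLockerVolume -MountPoint $mount).KeyProtector |
        Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })
}
$recovery = Get-RecoveryProtector

if ($encrypted -and $recovery.Count -eq 0) {
    # Encrypted but no recovery password: a forgotten password or a hardware
    # change would leave the data unrecoverable, so create one now.
    # The cmdlet prints the new password as a warning; suppress that output.
    Add-BitLockerKeyProtector -MountPoint $mount -RecoveryPasswordProtector `
        -WarningAction SilentlyContinue | Out-Null
    $recovery = Get-RecoveryProtector
}

# Escrow every recovery password to AD. Only protector IDs are handled here;
# the 48-digit password itself is never written to the console by this script.
$escrowed = foreach ($kp in $recovery) {
    try {
        Backup-BitLockerKeyProtector -MountPoint $mount `
            -KeyProtectorId $kp.KeyProtectorId -ErrorAction Stop | Out-Null
        $kp.KeyProtectorId
    } catch {
        Write-Warning "AD escrow failed for $($kp.KeyProtectorId): $($_.Exception.Message)"
    }
}

[pscustomobject]@{
    Computer       = $env:COMPUTERNAME
    FullyEncrypted = $encrypted
    TpmReady       = $tpmReady
    RecoveryKeys   = $recovery.Count
    EscrowedToAD   = @($escrowed).Count
}
```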
How to…
Detailed guides with pictures at:
Click on:
- “Laptops”
- “Memory sticks”
How to…
- Guides accessible enough for most reasonably tech-savvy users.
- However, where possible we recommend IT support staff should do the encrypting.
- Precise arrangements need to be determined in your School or College.
- IT Services happy to advise.
Consumer Grade Laptops
- May not have TPM chip
  - Workaround to enable BitLocker:
    - boot time password
    - memory stick (unsafe??)
- May come with a “Home” edition of Windows
  - no BitLocker!
  - may be unsuitable for storing confidential data
Personal Laptops
- University cannot mandate FDE for personally-owned laptops
- However, requirement to encrypt confidential data stored on a mobile device still applies!!
- Must encrypt it by some means
- FDE might be the easiest (MS “Device Encryption”?)
- Excellent Plan - use a terminal server (or equivalent) to completely avoid storing the data on the laptop in the first place:
  - SSDremote
  - Remote Desktop Session (e.g. RDP)
Smartphones / Tablets
- Essential to set a PIN, or equivalent protection
  - Fingerprint check
  - Swipe pattern
- Many devices come with encryption
  - in some cases this is default-on and the PIN is used to unlock the encryption
Memory Sticks
- Must be encrypted if confidential data is stored
- guides with pictures at:
- In many cases easier to not store confidential data on sticks
- use the network instead