Examines encryption needs for a particular user's laptop.
The following case study deals with a user's laptop and the encryption needs for it. This is done prior to having an enterprise-scale system available.
Background
A user wishes to replace his desktop machine with a laptop to enable portable operation.
The user routinely works with confidential and personal data.
The user's function is critical to the organization and he needs to be able to perform his functions from alternate locations in the event of emergency situations.
The user is experienced with handling confidential data and following security procedures. This reduces the requirements related to create a system where encryption is automatic and fully transparent to the user.
The only important local data stored on the user's current desktop machine is his mail archives.
The user's machine is part of the VT Active Directory and AD is used to authenticate logins.
Critical data files are stored on the department's MS Windows server (e.g. the user's "My Documents" folder).
The user's current desktop machine is managed and maintained by departmental system administrators.
Requirements
Remote Access
Banner HRIS (Banner and IS&C Reports)
PeopleSoft
Outlook
Various web applications
A departmental application
Departmental printers
Local Applications
Firefox
Signature with VT-issued Aladdin eToken.
MS Word, Excel, Outlook
Visio
Adobe Acrobat Std.
Proposal
General Considerations
As much as is practical, the laptop and the data on it need to be treated as throw-away, i.e. remember that the laptop may be lost, stolen, or damaged at any point in time.
Critical data will be stored on the department's server when network connectivity is available.
Offline use
The user will have to do his own backups of critical working data.
User Responsibilities
Backups of data while operating without network access