SANS Session 1.5 Encryption Tools

These are my notes from the vendor panel at the SANS Secure Storage and Encryption Summit.
Guardian Edge
If we haven’t had enough statement of the problem, I like the way they put it.
Data is disappearing out of the organization and you don’t know it.
81 percent of companies report the loss of one or more laptops containing sensitive data in the past 12 months. Would we even know what was on the laptop?
53 % believe that their companies would be unable to determine what sensitive or confidential info resided on a usb memory stick if it were lost.
– The PGP piece on the blackberry is there by default. You just need to license it. It actually will connect to your PGP Universal server. That sounds kind of neat.
Seagate admits that its a hard drive solution only. You need to do something else for your thumb drive, and email, etc.
FIPS 140 in progress for the Seagate (I assume that is FIPS 140-2. I dont think they do 140-1 anymore).
They also have the DoD evaluating for the secure wipe. Seagate just removes the encryption key.
The PGP guy made an analogy to when 3-d graphics cards came out. Something about it not puting software rendering out of business, it works together.
Q- Why would we need this (any of the vendors) when bitlocker comes out.
A – better management tools
– mature product
– OS support, bitlocker is obviously vista only and reportedly the more expensive versions of vista.
– No requirement for TPM. bitlocker is better with TPM.