Encryption technologies: testing and identifying campus needs

Abstract

Lehigh University is implementing a plan to secure sensitive information across campus through the use of various encryption technologies. Several committees were formed, at all levels of the University, to advise, identify, and direct data security activities at the enterprise level. One of these committees was assigned to take a detailed look at the types of hardware and media that need to be secure, to test various encryption technologies and hardware devices, and to produce a recommendation on which technologies needed to be implemented. The committee began by developing a document listing the types of hardware and media that need to be secured, operating systems that need to be supported, and an estimate of the number of individuals on campus with access to secure information. Special criteria were developed for evaluating the products such as: price/performance, platform compatibility, media compatibility (SD cards, USB keys, handhelds), authentication level (one- or two-factor), user friendliness, key management, and enterprise implementation tools. Next, several whole-disk, file, and volume encryption software packages were selected and evaluated as well as special devices such as USB keys and handheld devices. Performance benchmarks were run on the test systems to compare performance variations. Enterprise encryption key management features were also tested. This session will provide a detailed overview of the various steps involved in the evaluation process mentioned above, discuss the successes and failures encountered, and review the final results.