I Have Achieved Ultimate Security...
Posted: Tue Aug 05, 2008 11:33 am
I received an Aladdin eToken yesterday and I have been trying to implement it all day on my X41. Here are the results.
Client Security systems does support smartcards; in order to enroll smartcards, you have to download the IBM smartcard middleware - but it only supports cards from Softex. So there is no solution to integrate Aladdin's eToken into Client Security System. Bummer.
But for disk encryption I have the software called PGP Desktop. This is a full suite of apps to encrypt the whole drive, email, IM, and virtual drives. It supports many smartcards and smartcard-based tokens.
When everything is set up, in order to access secure file X on my system one has to:
Enter Power-on/BIOS password.
Enter Hard Drive password - ties hard drive to only IBM machines.
Enter Encryption password.
Insert USB token to access private key for encryption - this private key is only found on the token and nowhere else.
Swipe finger to log on.
Token again to access encrypted virtual drive where file X is located.
I haven't figured it out yet, but I can also activate TPM in PGP so that the public key to the encrypted drive is only on the TPM. In other words, the hard drive is useless anywhere other than this machine with this TPM - ties HDD to system. Again, not only does it make that tie due to public key location, you need the hardware dongle for the private key.
Now, I don't have that sensitive of data, so I'm going to remove all this hassle and just have the dongle. haha