XXXX,
Just wanted to bring up a point
about a couple of the letters to the editor. The article was meant as a primer
as to steps that can be taken to digitally secure your data. There is no such
thing as a 100% secure data system. It sounds good, but it is unrealistic. With
that said, however, you can make it take such an inordinate amount of time to
get to the data as to be “virtually” 100%. That is also the premise of DiD
(Defense in Depth). You are employing a multi-layer shell of encryption and
segmentation around your data. It would be a simple matter to turn TPM on in
the BIOS of the machine and then (assuming Windows here) activate BitLocker on
the host machine. This would add yet another layer to the onion that someone is
trying to peel back. Add in the fact that with TPM (Trusted Platform Module) enabled
and proper configuration, it would be possible to create hardware-based
encryption that would lock the machine if the hardware changes (opening the
door to using devices that can be removed at will to lock the machine and
prevent it from even booting). It is all about time and how long you can force
them to decrypt the data, assuming they can even figure out where it is. I
would be more than happy to continue the discussion, if the readers want more
information. I’ve had ideas for other articles on low-tech computer networking
and other related topics, if people are interested as well. – J.B.
From the Survival Blog