PointSec

From BNL Physics Computing

[edit]

Overview

Pointsec is full disk encryption software from Check Point Software Technologies, LTD. The software is FIPS 140.2 certified and the preferred Windows laptop encryption method from ITD. If you wish to use this software, contact ITD to install it.

[edit]

Pros and Cons

Pros:

  • The software is FIPS 140.2 certified.
  • The entire disk is encrypted rendering the disk useless if it is lost or stolen.
  • Files are transparently encrypted and decrypted on-the-fly as they are written to or read from the disk.
  • Encryption keys are held in escrow by ITD so that the files can be accessed if you forget your password or you are unavailable and authorized people need to see the files.

Cons:

  • The entire disk is encrypted, so the Pointsec software cannot be used if you dual boot the machine.
  • The entire disk is encrypted, so the operating system and applications have to be unencrypted to be used. The claim is that the on-the-fly encryption is sufficiently fast that you will not notice any slowdown in machine performance (your mileage may vary).
  • Backup software run on the machine will backup unencrypted files.
  • Any worms or viruses getting on the machine will see unencrypted files.
[edit]

Installing Pointsec

Contact the ITD Helpdesk (x5522, itdhelp@bnl.gov) to schedule someone to come and install the software (there is no cost to the user). At some point, a web page will be setup to allow a user to install the software themselves.

Retrieved from "http://www.phy.bnl.gov/computing/index.php/PointSec"