1 / 19

Enhancing Security and Efficiency in Labs: Full Disk Encryption and Energy Conservation Strategies

This comprehensive overview explores the challenges and solutions in laboratory security, focusing on Full Disk Encryption (FDE), authentication methods, and threat management. Learn how various players in software (like PointSec) and hardware (like Seagate) contribute to effective encryption strategies. Additionally, discover the importance of directory services and energy conservation mandates such as EPEAT Gold status for federal agencies. Gain insights into desktop management tools to enhance operational efficiency and security for organizational labs.

lesa
Télécharger la présentation

Enhancing Security and Efficiency in Labs: Full Disk Encryption and Energy Conservation Strategies

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. DOE Challenges • Security • Full disk encryption • Authentication • Threat management • Directory services • Energy conservation mandates • Desktop management How are Labs responding

  2. Secure Foundation Security - Full Disk Encryption

  3. Full Disk Encryption Players - Software Knowing the Players and their Products PointSec PC Mac Edition SecureDoc for Mac OS Whole Disk Encryption

  4. Full Disk Encryption Players - Hardware Knowing the Players and their Products Seagate Momentus 5400 SecureDoc for Mac OS

  5. Secure Foundation Security - Authentication

  6. 123 456 789 012 345 Smart Cards as Keychains Integrating complex devices into OS X Credential System Smart cards Keychains

  7. Pre-installed Smart Card Support • /System/Library/Security/tokend/ • “CAC” • US Government (CAC, GSC-IS) • “BELPIC” • Belgian Personal ID Card • “JPKI” • Japanese PKI Card • “PIV” *New in 10.5 • US Government • “Personal Identity Verification”

  8. PCMCIA Pre-installed Smart Card Reader Support /usr/libexec/SmartCardServices/drivers/ • “CCID” USB Class Readers • Chip Card Interface Device • USB Readers • Athena, CRYPTOCard, GemPlus, SCM • PC Card Readers • CRYPTOCard, SCM, OMNIKey

  9. Secure Foundation Security - Threat Management

  10. 123 456 789 012 345 Security Threat Management Shawn Geddis Enterprise Security Consulting Engineer MacOS X Security Tuesday, 11:45am Carolina Ballroom Apple Booth on Tuesday

  11. Secure Foundation Directory Services

  12. Directory Services Active Directory • Possible solutions • Active directory plug-in with MacOS X • Basic functionality (name, password, home directory, UID, GID) • Open Directory with MacOS X Server for MCX settings • Third party solutions • ADmit Mac by Thursby • Extend AD schema

  13. Secure Foundation Energy Conservation

  14. EPEAT Gold Why is it important? • As of January 15, 2009, all Federal agencies must purchase 95% or higher EPEAT registered products in relevant product categories • www.epeat.net EPEAT Gold

  15. EPEAT Gold What is it? • 23 Required and 28 Optional Criteria • Carbon Footprint • Energy Star 4.0 for energy usage • Product design, packaging design, warranty extension, end of life • Gold certification means product meets all required criteria PLUS at least 75% of optional criteria APPLE PRODUCTS ARE EPEAT GOLD CERTIFIED

  16. EPEAT Gold What is it? • www.epeat.net

  17. EPEAT Gold Apple Energy Savings • www.apple.com/environment/resources/calculator.html

  18. Secure Foundation Desktop Management

  19. Desktop Management • What’s out there? • Apple Remote Desktop (ARD) • Third party solutions • Casper, LANrev, LANdesk • Customer built solutions • PNL

More Related