Originally Posted by ladydi
We have talked about using it, but due to the drawbacks such as not being able to remotely reset the password and the long wipe times, I have been reluctant. I justify that with the fact that our users are not supposed to have confidential information in their mailbox.
We are starting to use hardware encrypted harddrives in laptops.
tduffy, that is awesome that your company is willing to enforce such high security standards - even for the CEO. That has been such a losing battle around here.
In the past they were hard battles for us also but they no longer are. When a higher up thinks they need to be an exception to our security standards I'll simply tell them that If I were to make an exception for them that the exception would be documented and that documentation like all documentation will be seen by the FDIC during the next audit and I will be sending the auditors their way for an explanation as to why they thought they didn't need to follow the same rules everyone else has to. That shuts them up really quick. Security isn't easy especially for the end users, but once they understand there there is a more secure way to accomplish what they are doing even though they might have to go a little out of their way to do it, the sun will still rise, the world will still turn and they will get what they need done.