Sign in with
Sign up | Sign in
Your question

Automated patching with FDE (Full disk encryption?)

Tags:
  • Security
  • Encryption
  • Boot
  • Business Computing
Last response: in Business Computing
Share
February 5, 2013 4:29:38 PM

We have a few hundred in-office computers. All our desktops are patched overnight using Dell KACE, which means they reboot automatically overnight.

Our laptops use full-disk encryption (FDE) using Truecrypt, but since they have pre-boot authentification (you have to enter a password to boot the disk), anytime KACE needs to reboot, it will get stuck on the pre-boot authentication password, so I cannot automate patching with reboots right now.

Ideally, I would have a way to suppress the PBA (pre-boot authentification) and give users the option of leaving their laptop locked in their office overnight for patching so the laptop can patch and reboot as much as it needs.

Is there a way to do this using Truecrypt or any encryption software? Or are they any other solutions for automated patching with FDE?

More about : automated patching fde full disk encryption

a b 8 Security
February 5, 2013 4:47:16 PM

Truecrypt is a bad choice for a corporate environment as there is no central management mechanism. You should look into one of the commercial solutions such as Checkpoint.
!