We are plea­sed to announ­ce the new “Gui­de to the use of end­point encryp­ti­on with Micro­soft Bit­Lo­cker in terms of the GDPR”. The SEC4YOU gui­de looks at the requi­re­ments of the Euro­pean Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR) and pro­vi­des con­cre­te recom­men­da­ti­ons for cli­ent deployment.

From the content

  • Eva­lua­ti­on of pro­tec­tion goals for Bit­Lo­cker (BL) — page 7
  • Eva­lua­ti­on of the tech­ni­cal imple­men­ta­ti­on of BL- Page 8
  • Bit­Lo­cker cryp­to­gra­phy and authen­ti­ca­ti­on- page 8
  • Using a secu­re Bit­Lo­cker authen­ti­ca­ti­on method — page 8
  • Thre­ats in power saving mode — page 11
  • Moni­to­ring BL encryp­ti­on — page 11
  • Reti­re­ment of BL end devices accor­ding to ÖNORM S 2109–4 — page 13
  • Dele­ti­on of BL data car­ri­ers by over­wri­ting — Page 13

This gui­de spe­ci­fi­cal­ly con­siders the dan­gers of sto­ring per­so­nal data on Win­dows mobi­le devices such as note­books, tablets, con­ver­ti­ble note­books as well as work­sta­tions. As a pre­mi­se, it is defi­ned that through com­mer­cial use of mobi­le devices, the sto­rage or caching of per­so­nal data in emails, cus­to­mer lists, pro­s­pect lists, cus­to­mer quo­tes, pho­ne lists, etc. usual­ly occurs.

The fol­lo­wing tech­ni­cal mea­su­res focus on the encryp­ti­on of Win­dows end devices with the wide­ly used Micro­soft encryp­ti­on solu­ti­on inte­gra­ted into the ope­ra­ting sys­tem and the sto­rage of per­so­nal data on the sys­tem-inte­gra­ted hard disk or solid-sta­te disk (SSD).

  • The assess­ments in the gui­de to the use of end­point encryp­ti­on with Micro­soft Bit­Lo­cker in terms of the GDPR
  • Eva­lua­ti­on of the Micro­soft Bit­Lo­cker pro­tec­tion goal
  • Assess­ment of which end devices are to be encrypted
  • Assess­ment about the encryp­ti­on strength and requi­red pass­word length
  • Eva­lua­ti­on about the com­mon use of encrypt­ed end devices
  • Eva­lua­ti­on of TPM usa­ge wit­hout user authentication
  • Eva­lua­ti­on of authen­ti­ca­ti­on with key on a USB stick
  • Eva­lua­ti­on of authen­ti­ca­ti­on with key on a USB stick with TPM and TPM PIN
  • Eva­lua­ti­on of authen­ti­ca­ti­on with TPM PIN
  • Eva­lua­ti­on of pass­word authentication
  • Eva­lua­ti­on of thre­ats in ener­gy saving modes (stand­by, hiber­na­ti­on, hybrid)
  • Eva­lua­ti­on of the moni­to­ring requi­re­ments of the encryption
  • Assess­ment on secu­re reti­re­ment of encrypt­ed Bit­Lo­cker volumes.

The gui­de is pro­vi­ded free of char­ge to inte­res­ted par­ties and cus­to­mers via email down­load link.

Endgeräte-Verschlüsselung im Sinne der DSGVO - Download PDF

Fur­ther DSGVO topics at SEC4YOU: Offer GDPR Rea­di­ness Check