BitLocker: Endpoint encryption as defined by the GDPR
Manfred Scholz, SEC4YOU Managing Director
The basis for this guideline is the need for action in the processing and storage of personal data, as well as personal data requiring special protection, especially as soon as this data is exposed to an increased risk of loss through storage on mobile devices.
The protection of data on mobile devices poses a considerable challenge to responsible persons, as the data is to be used by authorized persons at all times. However, if the end device is lost or stolen, the data stored on it must be adequately protected against unauthorized access. This is especially true if the end device is permanently in the possession of a potential attacker.
Use Microsoft BitLocker according to the state of the art!
This guide is aimed at information security managers / CISO, IT managers / CIO, IT security experts and their IT consultants.
The aim of the guide is to avoid both the obligation to report to the supervisory authority and to notify the person(s) concerned in the event of loss or theft of a Windows-based end device, and possibly also to avoid fines of up to 20 million euros or up to 4% of the company’s turnover.
Please also visit our Security Blog, which offers current events and security awareness tips.
out now: V1.1 Sept. 2017
Available rating
AGENDA (EXCERPT)
- Management Summary
- State of the art of endpoint encryption
- Selection of references and sources
- Evaluation of the protection goals for BitLocker
- Evaluation of the technical implementation
- BitLocker cryptography and authentication
- Use of a secure authentication method
- Threats in power saving mode
- Monitoring of encryption
- Deletion of end devices according to ÖNORM S 2109–4
- Deletion of BitLocker data media by overwriting
