LITIGATION SUPPORT TIP OF THE NIGHT

The Tip of the Night for January 4, 2016 noted that you need a PC with the TPM (Trusted Platform Module) chip in order to access a Bitlocker encrypted drive. There is actually a way around this limitation.

Click on your start button, enter 'run', and then enter gpedit.msc to open the Group Policy Editor.

You then browse to ocal Computer Policy > Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives, then click 'Require additional authentication at startup'.

Choose the enabled radial button, and then check off the box that allows Bitlocker without TPM chip.

See this post by Chris Hoffman.

You can download the EDRM Security Questionnaire on this site, http://www.edrm.net/resources/security-audit-questionnaire/ . The questionnaire is an Excel spreadsheet which breaks down questions on key areas of data security on seven different worksheets:

A. General B. Security & Risk Management C. Asset Security D. Communications & Network Security E. Identity & Access Management F. Security Operations G. Software Development Security

The questionnaire grades a security program based on its ISO 27001 and other certifications, whether it has information security policies, the existence of remediation plans, whether or not employees can anonymously report breaches, the management of environment controls, the use of data centers, the regular use of log networking, the use Unified Threat Management for a firewalls, the use of TLS for email encryption, the use of two factor authentication, Active Directory / LDAP integrations, network penetration testing, and many other factors - 74 in all.

The self grader gives a value for his or her organization's level of compliance with different practices suggested by the EDRM on a scale of 10 to 1 - 10 being unacceptable, and 4 being reasonable. The individual grades are aggregated in a total score

Steganography is the practice of hiding secret messages inside other seemingly innocuous messages. The term comes from the ancient practice of disguising messages in other messages, such as craving text onto the wooden base of a wax tablet before covering it with the wax which is inscribed on, or writing something under the postage stamps affixed to an envelope for a letter.

In the digital age, data can be manipulated in a variety of ways to conceal messages. You can also use the OpenPuff software to accomplish the task of hiding one electronic file inside other files. This free program can be downloaded here. You just need to download the linked to OpenPuff zip file, extract the files to a folder, and double-click on 'OpenPuff.exe'.

Click where it says 'Hide', and you will be taken to the Data Hiding window.

You begin by setting three different passwords in the upper left section, and then selecting the file you want to hide in the second step. The passwords must each be at least 8 characters. You will need to select alphanumeric passwords that together are of a sufficient length so the the password check box turns green indicating OpenPuff accepts them.

Then in step 3 you select one or more 'carrier' files, until the total size is enough to conceal the file you are encrypted. The combined carrier files will need to be several times larger than the file you are hiding. The carrier files cannot be in any format. You'll have to use bitmap, JPEG, MPG, or one of a few other common graphic file formats. When you're ready, click 'Hide Data!'

When the recipient receives the encrypted files, she or he needs to also have OpenPuff installed. They will have to click 'UnHide' on the opening screen, and then enter the three passwords in the same order, and also select the carrier files in the same order.

Click Unhide!, and the encrypted file will be exported from the graphic files.

This technique has the advantage over standard methods of encryption in that anyone coming across the files will have every reason to dismiss them as being unimportant.