Page 2 of 2

Posted: Thu Apr 26, 2012 8:04 am
by aclawson
rbeede wrote:The problem with that is if you mount your TrueCrypt volume and do a switch user then any other users can see the content of the mounted volume.

Not if you disable fast user switching.

Posted: Thu Apr 26, 2012 9:49 am
by rbeede
aclawson wrote:Not if you disable fast user switching.
Which has the downside of not showing the users a login to pick. For some this adds more difficulty in remembering everything.

Posted: Thu Apr 26, 2012 10:14 am
by aclawson
rbeede wrote:Which has the downside of not showing the users a login to pick. For some this adds more difficulty in remembering everything.

IIRC you can keep the welcome screen and disable the fast switching service.

Posted: Thu Apr 26, 2012 11:45 am
by russellhltn
aclawson wrote:Not if you disable fast user switching.

The problem with multiple logins is what happens when the clerk comes in to do his work, but the computer is locked because someone else forgot to log out? And what if they left MLS running? Fast user switching could lead to more problems as MLS is not intended for multiple instances.

Posted: Thu Apr 26, 2012 11:48 am
by russellhltn
aclawson wrote:If you are really worried about preventing access to certain files then you can create a truecrypt volume and save extremely sensitive files there.
But that's not keeping with policy:
Other confidential files should not be stored on the hard drive. They should be saved on external media and locked in storage when not in use.