Local Encryption Scenarios



  • One of the topics that always seems to get a lot of discussion here is local encryption.

    Some people, such as @scottalanmiller typically (emphasis on typically) advise against it. While others say to do it all the time. Still others say, it's mostly harmless, and can protect you, so why NOT do it if it's as simple as entering a password? I asked a few their feelings yesterday, and as expected got a spectrum of answers.

    I was thinking, giving specific examples might get people chatting about what they would do in a particular scenario, and lead to a consensus. Of course, each example can have all sorts of hidden gotchas, but I think it's safe to make some general assumptions here.

    So, here is example number 1:

    You get a call from a CPA. They just moved into a shady area of town, and are concerned about their data in case their PC gets stolen. They must use a local PC, because that is the only way their CPA software will run. Just the one CPA, one computer. What would you do in that scenario? And if you choose to encrypt, what would you use?



  • @BRRABill said in Local Encryption Scenarios:

    They must use a local PC, because that is the only way their CPA software will run.

    There is no such software, this is a false situation. This is a hypothetical that will never apply in the real world. So sure, we might get a contrived answer in this scenario, but it won't be useful.



  • @BRRABill said in Local Encryption Scenarios:

    Just the one CPA, one computer. What would you do in that scenario? And if you choose to encrypt, what would you use?

    In this contrived situation, I would recommend encryption.

    In the real world, I would confront the false statement, prove it wrong, and at the very least show a viable server-based non-local option that might make a lot more sense so that they are more functional, safer, and better protected.



  • I would ask why not virtualize this CPA software running PC and have staff rdp into it. That way nothing would be stored on it. And the data in the VM and hypervisor could be backed up and encrypted.



  • In the contrived scenario, how will backups be handled? The intense "need" for encryption makes for a more complicated backup situation as the backups must be kept very secure, but also be very accessible.



  • @DustinB3403 said in Local Encryption Scenarios:

    I would ask why not virtualize this CPA software running PC and have staff rdp into it. That way nothing would be stored on it. And the data in the VM and hypervisor could be backed up and encrypted.

    The way that nearly all CPA software works already. That's the official remote access method for QuickBooks already. And works for essentially everything. Maybe literally everything. Plus web remote for a few, like Xero and QB Online. And most offer other remote options as well.



  • And once the workload is virtual, you could still use something like Bitlocker (assuming windows) or VeraCrypt (assuming anything) to encrypt the VHD pre-boot.

    At boot time, the admin or user enters the password to decrypt the disk and the system starts. They use the software like on their own system but over RDP.



  • @scottalanmiller said in Local Encryption Scenarios:

    @BRRABill said in Local Encryption Scenarios:

    They must use a local PC, because that is the only way their CPA software will run.

    There is no such software, this is a false situation. This is a hypothetical that will never apply in the real world. So sure, we might get a contrived answer in this scenario, but it won't be useful.

    How is this a false situation?



  • @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @BRRABill said in Local Encryption Scenarios:

    They must use a local PC, because that is the only way their CPA software will run.

    There is no such software, this is a false situation. This is a hypothetical that will never apply in the real world. So sure, we might get a contrived answer in this scenario, but it won't be useful.

    How is this a false situation?

    There is no such software. You can't actually make software that has to run on a laptop to work (you COULD make a license like that, but no one has.)

    It's false, because this situation can't exist in the real world today. Anyone making it happen would be doing so purely for the purpose of making an example like this come true. It has no technical or market value.



  • @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @BRRABill said in Local Encryption Scenarios:

    They must use a local PC, because that is the only way their CPA software will run.

    There is no such software, this is a false situation. This is a hypothetical that will never apply in the real world. So sure, we might get a contrived answer in this scenario, but it won't be useful.

    How is this a false situation?

    There is no such software. You can't actually make software that has to run on a laptop to work (you COULD make a license like that, but no one has.)

    It's false, because this situation can't exist in the real world today. Anyone making it happen would be doing so purely for the purpose of making an example like this come true. It has no technical or market value.

    I understand, as a software based yes it is not dictated by which computer it is installed unless is a software with a USB Dongle or something like that.



  • @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @BRRABill said in Local Encryption Scenarios:

    They must use a local PC, because that is the only way their CPA software will run.

    There is no such software, this is a false situation. This is a hypothetical that will never apply in the real world. So sure, we might get a contrived answer in this scenario, but it won't be useful.

    How is this a false situation?

    There is no such software. You can't actually make software that has to run on a laptop to work (you COULD make a license like that, but no one has.)

    It's false, because this situation can't exist in the real world today. Anyone making it happen would be doing so purely for the purpose of making an example like this come true. It has no technical or market value.

    I understand, as a software based yes it is not dictated by which computer it is installed unless is a software with a USB Dongle or something like that.

    Even that, rarely would a dongle cause an issue either. You can still access the machine that has the dongle in it remotely.



  • @scottalanmiller said in Local Encryption Scenarios:

    In the contrived scenario, how will backups be handled? The intense "need" for encryption makes for a more complicated backup situation as the backups must be kept very secure, but also be very accessible.

    Encrypted drives doesn't make a complicated backups, you just encrypt the backups as well. It is seamless for the operating system as it is already boot into it and then it is backed up.



  • @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @BRRABill said in Local Encryption Scenarios:

    They must use a local PC, because that is the only way their CPA software will run.

    There is no such software, this is a false situation. This is a hypothetical that will never apply in the real world. So sure, we might get a contrived answer in this scenario, but it won't be useful.

    How is this a false situation?

    There is no such software. You can't actually make software that has to run on a laptop to work (you COULD make a license like that, but no one has.)

    It's false, because this situation can't exist in the real world today. Anyone making it happen would be doing so purely for the purpose of making an example like this come true. It has no technical or market value.

    I understand, as a software based yes it is not dictated by which computer it is installed unless is a software with a USB Dongle or something like that.

    Even that, rarely would a dongle cause an issue either. You can still access the machine that has the dongle in it remotely.

    Yeah, but not everyone wants to pay for it (Be it extra device, server, cloud service and so forth). I think that is the biggest issue when dealing with things like these.



  • @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    In the contrived scenario, how will backups be handled? The intense "need" for encryption makes for a more complicated backup situation as the backups must be kept very secure, but also be very accessible.

    Encrypted drives doesn't make a complicated backups, you just encrypt the backups as well. It is seamless for the operating system as it is already boot into it and then it is backed up.

    No, but a situation that makes you need to encrypt local drives does.



  • @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @BRRABill said in Local Encryption Scenarios:

    They must use a local PC, because that is the only way their CPA software will run.

    There is no such software, this is a false situation. This is a hypothetical that will never apply in the real world. So sure, we might get a contrived answer in this scenario, but it won't be useful.

    How is this a false situation?

    There is no such software. You can't actually make software that has to run on a laptop to work (you COULD make a license like that, but no one has.)

    It's false, because this situation can't exist in the real world today. Anyone making it happen would be doing so purely for the purpose of making an example like this come true. It has no technical or market value.

    I understand, as a software based yes it is not dictated by which computer it is installed unless is a software with a USB Dongle or something like that.

    Even that, rarely would a dongle cause an issue either. You can still access the machine that has the dongle in it remotely.

    Yeah, but not everyone wants to pay for it (Be it extra device, server, cloud service and so forth). I think that is the biggest issue when dealing with things like these.

    Paying to do security properly is part of being a CPA. If encryption is an excuse to not do things securely, that's a huge reason to not recommend it. It's a crutch and makes people think that actual security isn't needed.



  • @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    In the contrived scenario, how will backups be handled? The intense "need" for encryption makes for a more complicated backup situation as the backups must be kept very secure, but also be very accessible.

    Encrypted drives doesn't make a complicated backups, you just encrypt the backups as well. It is seamless for the operating system as it is already boot into it and then it is backed up.

    No, but a situation that makes you need to encrypt local drives does.

    Mmm, is that how that works for any of your HIPAA or Financial Sector customers?



  • @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @BRRABill said in Local Encryption Scenarios:

    They must use a local PC, because that is the only way their CPA software will run.

    There is no such software, this is a false situation. This is a hypothetical that will never apply in the real world. So sure, we might get a contrived answer in this scenario, but it won't be useful.

    How is this a false situation?

    There is no such software. You can't actually make software that has to run on a laptop to work (you COULD make a license like that, but no one has.)

    It's false, because this situation can't exist in the real world today. Anyone making it happen would be doing so purely for the purpose of making an example like this come true. It has no technical or market value.

    I understand, as a software based yes it is not dictated by which computer it is installed unless is a software with a USB Dongle or something like that.

    Even that, rarely would a dongle cause an issue either. You can still access the machine that has the dongle in it remotely.

    Yeah, but not everyone wants to pay for it (Be it extra device, server, cloud service and so forth). I think that is the biggest issue when dealing with things like these.

    Paying to do security properly is part of being a CPA. If encryption is an excuse to not do things securely, that's a huge reason to not recommend it. It's a crutch and makes people think that actual security isn't needed.

    Encryption is only physical security for sure.



  • @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    In the contrived scenario, how will backups be handled? The intense "need" for encryption makes for a more complicated backup situation as the backups must be kept very secure, but also be very accessible.

    Encrypted drives doesn't make a complicated backups, you just encrypt the backups as well. It is seamless for the operating system as it is already boot into it and then it is backed up.

    No, but a situation that makes you need to encrypt local drives does.

    Mmm, is that how that works for any of your HIPAA or Financial Sector customers?

    Correct. None of them have these kinds of issues because they do security well, rather than pretending to do security by using local encryption. There is a reason why the most secure environments don't need local encryption, CPAs certainly should not need it.



  • @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @BRRABill said in Local Encryption Scenarios:

    They must use a local PC, because that is the only way their CPA software will run.

    There is no such software, this is a false situation. This is a hypothetical that will never apply in the real world. So sure, we might get a contrived answer in this scenario, but it won't be useful.

    How is this a false situation?

    There is no such software. You can't actually make software that has to run on a laptop to work (you COULD make a license like that, but no one has.)

    It's false, because this situation can't exist in the real world today. Anyone making it happen would be doing so purely for the purpose of making an example like this come true. It has no technical or market value.

    I understand, as a software based yes it is not dictated by which computer it is installed unless is a software with a USB Dongle or something like that.

    Even that, rarely would a dongle cause an issue either. You can still access the machine that has the dongle in it remotely.

    Yeah, but not everyone wants to pay for it (Be it extra device, server, cloud service and so forth). I think that is the biggest issue when dealing with things like these.

    Paying to do security properly is part of being a CPA. If encryption is an excuse to not do things securely, that's a huge reason to not recommend it. It's a crutch and makes people think that actual security isn't needed.

    Encryption is only physical security for sure.

    And only partial physical security. Stealing an unlocked laptop is probably more likely than stealing a locked one. If it is less likely, it is not a lot less likely.



  • @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    In the contrived scenario, how will backups be handled? The intense "need" for encryption makes for a more complicated backup situation as the backups must be kept very secure, but also be very accessible.

    Encrypted drives doesn't make a complicated backups, you just encrypt the backups as well. It is seamless for the operating system as it is already boot into it and then it is backed up.

    No, but a situation that makes you need to encrypt local drives does.

    Mmm, is that how that works for any of your HIPAA or Financial Sector customers?

    Correct. None of them have these kinds of issues because they do security well, rather than pretending to do security by using local encryption. There is a reason why the most secure environments don't need local encryption, CPAs certainly should not need it.

    Okay, I mean so you are saying BoFA for example does not need to require Local Encryption even though they do?



  • Desktops are more likely to be stolen when locked (or off.) Desktops are typically stolen from an office during off hours or when people are away. Laptops are typically stolen when out of the office and "out" somewhere, being used. Swiped from a table or whatever when someone looks away. If stolen from a bag or car, almost certainly locked. But if taken from a cafe or whatever, almost certainly unlocked.

    Using local encryption has a massive risk of making people feel that they could ignore good security because "everything is encrypted, right"? Except it isn't, while in use.



  • @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @BRRABill said in Local Encryption Scenarios:

    They must use a local PC, because that is the only way their CPA software will run.

    There is no such software, this is a false situation. This is a hypothetical that will never apply in the real world. So sure, we might get a contrived answer in this scenario, but it won't be useful.

    How is this a false situation?

    There is no such software. You can't actually make software that has to run on a laptop to work (you COULD make a license like that, but no one has.)

    It's false, because this situation can't exist in the real world today. Anyone making it happen would be doing so purely for the purpose of making an example like this come true. It has no technical or market value.

    I understand, as a software based yes it is not dictated by which computer it is installed unless is a software with a USB Dongle or something like that.

    Even that, rarely would a dongle cause an issue either. You can still access the machine that has the dongle in it remotely.

    Yeah, but not everyone wants to pay for it (Be it extra device, server, cloud service and so forth). I think that is the biggest issue when dealing with things like these.

    That is kind of where I am going with this question.

    Yes, you can use cloud VMs and cloud CPA software (in this example) but why not just encrypt the machine with VeraCrypt for free?



  • @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    In the contrived scenario, how will backups be handled? The intense "need" for encryption makes for a more complicated backup situation as the backups must be kept very secure, but also be very accessible.

    Encrypted drives doesn't make a complicated backups, you just encrypt the backups as well. It is seamless for the operating system as it is already boot into it and then it is backed up.

    No, but a situation that makes you need to encrypt local drives does.

    Mmm, is that how that works for any of your HIPAA or Financial Sector customers?

    Correct. None of them have these kinds of issues because they do security well, rather than pretending to do security by using local encryption. There is a reason why the most secure environments don't need local encryption, CPAs certainly should not need it.

    Okay, I mean so you are saying BoFA for example does not need to require Local Encryption even though they do?

    Obviously not, that would be silly. Banks don't do local encryption for normal workloads. They also don't allow customer data to go to end points for exposure.



  • @BRRABill said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @dbeato said in Local Encryption Scenarios:

    @scottalanmiller said in Local Encryption Scenarios:

    @BRRABill said in Local Encryption Scenarios:

    They must use a local PC, because that is the only way their CPA software will run.

    There is no such software, this is a false situation. This is a hypothetical that will never apply in the real world. So sure, we might get a contrived answer in this scenario, but it won't be useful.

    How is this a false situation?

    There is no such software. You can't actually make software that has to run on a laptop to work (you COULD make a license like that, but no one has.)

    It's false, because this situation can't exist in the real world today. Anyone making it happen would be doing so purely for the purpose of making an example like this come true. It has no technical or market value.

    I understand, as a software based yes it is not dictated by which computer it is installed unless is a software with a USB Dongle or something like that.

    Even that, rarely would a dongle cause an issue either. You can still access the machine that has the dongle in it remotely.

    Yeah, but not everyone wants to pay for it (Be it extra device, server, cloud service and so forth). I think that is the biggest issue when dealing with things like these.

    That is kind of where I am going with this question.

    Yes, you can use cloud VMs and cloud CPA software (in this example) but why not just encrypt the machine with VeraCrypt for free?

    Because one is secure and responsible, one is insecure and irresponsible. Local encryption as you are now describing it is actively bad because it is being used as an excuse to not properly secure the data.



  • That highlights my concern... doing something that "sounds super secure to non-technical people, but in reality does very little" is bad when it triggers human emotional responses. To a purely logical being (a computer) making decisions, local encryption would not do this. But in the real world with human users, it normally does. And if ANY behaviour changes based on using the local encryption, then in that scenario, the local encryption was a bad thing, not a good thing. Not just a waste, but actually a negative to the security.



  • If you add the encryption and no one knows about it, or you truly get no other decisions or behaviour to be made based on it, then it can be a good thing as long as the data is properly protected (there is a much higher risk of data loss when using encryption.)

    But for a CPA, data loss is minor while data exposure is big.



  • If it's a laptop, how can it be stolen and still not locked? As soon as you close the lid it's locked by a password. I doubt a thief would not close the lid if he grabs it while someone is using it.

    Anyway, the best option would be to not have sensitive information on the laptop at all, but that is not always possible. It's also a question of how sensitive the information is.



  • Anyway, in the case of the CPA we are talking about material that is not really sensitive at all.

    The data files could be secured the same way as any paper records. Locked in a safe or similar when not in use.



  • @Pete-S said in Local Encryption Scenarios:

    Anyway, in the case of the CPA we are talking about material that is not really sensitive at all.

    The data files could be secured the same way as any paper records. Locked in a safe when not in use.

    That would be the same as being encrypted, since the lock on a safe = encryption and the physical key = the passphrase to decrypt the drive or data.



  • @DustinB3403 said in Local Encryption Scenarios:

    @Pete-S said in Local Encryption Scenarios:

    Anyway, in the case of the CPA we are talking about material that is not really sensitive at all.

    The data files could be secured the same way as any paper records. Locked in a safe when not in use.

    That would be the same as being encrypted, since the lock on a safe = encryption and the physical key = the passphrase to decrypt the drive or data.

    Well, in principle only. You can walk away with the encrypted computer but it would be harder with the safe.

    In most cases physical security is about delaying. You can smash and grab a laptop from the office window but it would require a lot more time to break in properly and then open a safe before someone shows up. So it's less likely to happen.