NHacker Next
  • new
  • past
  • show
  • ask
  • show
  • jobs
  • submit
Compliant Method of HDD Mailing
techjuice 1568 days ago [-]
You can use the most secure methods following this guide (way overboard for unclassified information, but very useful information): https://www.cdse.edu/documents/student-guides/IF107-guide.pd...

Or you can insure that the hard drive is encrypted using BitLocker or LUKS and shipped to the customer's business location. For the hardware token to unlock the drive ship the key on a password protected USB with a different carrier to their business mailbox at the post office. Also insuring that the hard drive is double or triple bubble wrapped with really high quality bubble wrap and inside of the original or alternative plastic hard drive case.

For the key insure it is in one of those secure bubble wrapped mailing packages with secure taping (only way to open it is to cut it open so you can detect tampering).

This way if it is dropped the vibrations never make it to the hard drive, if it is stollen the key to the drive is not in the box and if someone did tamper with any of them it would be very noticeable.

mean_gene_1976 1568 days ago [-]
Well dang. That's what I was thinking. You said it so well. I will check out the link.
mean_gene_1976 1566 days ago [-]
I enjoyed the link, great references to regulation. So, i have a hard drive of a server that needs to be encrypted. Could I encrypt the entire device? Or just a partition?
mean_gene_1976 1564 days ago [-]
So, client just wants the hard drive. Doesnt want it encrypted. So...whatever
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact
Rendered at 16:01:42 GMT+0000 (Coordinated Universal Time) with Vercel.