1 Reply Latest reply on Oct 15, 2012 12:58 PM by SafeBoot

    Plunging into the idea of smartcards/tokens with encryption, need advice


      A bit of background: I work for a state government agency that does federal government transactions and as such a few years ago we were mandated to encrypt all machines that potentially held any kind of client data. There was little planning and no training, but we got SafeBoot up and running, and it's messy - dozens of calls every day about forgotten passwords (password only token). We just got a new IS director and I want to go to him with data showing that in the long run using a number generating token or USB token will save money over the man hours wasted talking people through recovery and resetting their password.


      As of right now we're mixed - most of our XP machines are on SafeBoot (about 1000 machines) and all of our Win 7 machines are on ePO managed endpoint encryption.


      What kind of cost, per seat, are we looking at for the most basic number generating keychain token or a simple USB token? Is it possible to have the number generator be the only authentication? (as I said, we tend to have lots of people forgetting their passwords). What are the pitfalls or gotchas I need to look out for? What companies have you had the best experience with? Does McAfee recommend one over the other?


      thanks in advance.