Thi Nguyen-Huu

11 posts

Thi is the President and CEO of WinMagic, which he founded in 1997, with a vision to create encryption solutions that are secure, sophisticated yet easy-to-use for enterprises. Today this vision has evolved to Intelligent Management for Everything Encryption. When he is not busy running and growing the company, Thi is sport enthusiastic and thus always competitive. His one concession to constant competitiveness is leading a weekly Integral Taichi CK10 class at work, which provides relaxation and harmony to his hard working WinMagicians. Thi writes from a position of constant leadership and innovation; having two past successful ventures, his knowledge and experience will offer interesting insights within the security industry.

Passwordless does not mean Multi-Factor Authentication

How does a machine authenticate a user? IT security professionals normally think of multi-factor authentication (MFA) with the factors being what you know, what you have, and what you are. The various factors strengthen the authentication and thus are recommended…

Aug 5, 2020

Thi Nguyen-Huu

WinMagic – our vision for better data security in a complex world.

It has been over 21 years since I founded WinMagic and started working on SecureDoc, a simple but sophisticated full disk encryption product. Over the years I have learned a lot and developed insights and opinions regarding the state of…

Aug 19, 2019

Thi Nguyen-Huu

When and where should sensitive data be encrypted? The revealing answers might surprise you!

After having run WinMagic with the main focus as a data encryption company for more than 20 years, I asked our team for the first time last week the very basic question: When – and where – should sensitive data…

Jun 27, 2019

Thi Nguyen-Huu

“Extracting BitLocker keys from a TPM”

(Pre-Boot Authentication: Wisdom in Security – Part 3) In my September 2018 blog “Pre-Boot Authentication. Wisdom in Security Part 2” I concluded that: “Bottom Line: ‘No PBA’ is not a wise choice for enterprises Microsoft’s reasoning that you don’t need…

Mar 18, 2019

Thi Nguyen-Huu

Pre-Boot Authentication: Wisdom in Security – Part 2

In my recent blog “Pre-Boot Authentication. Wisdom in Security” I wrote in conclusion: Bottom Line: ‘No PBA’ is not a wise choice for enterprises Microsoft’s reasoning that you don’t need PBA because the known memory attacks are difficult to pull…

Sep 25, 2018

Thi Nguyen-Huu

Pre-Boot Authentication: Wisdom in Security

As my colleague Garry McCracken ably reported earlier in this blog (Is Microsoft claiming Pre-Boot Authentication for FDE is not necessary?), Microsoft, in its wisdom, has declared that pre-boot authentication (PBA) for full-disk encryption (FDE) is not strictly necessary –…

Jul 24, 2018

Thi Nguyen-Huu

Using Pre-Boot Networking to Improve Key File Deployment

In our previous blog posting, we explained WinMagic’s two-stage model for enterprise key file deployment. Enterprise key file deployment is a highly complex endeavor, with many use cases for device provisioning to consider and address; additional challenges include speed, security,…

Nov 4, 2015

Thi Nguyen-Huu

WinMagic’s Two-Stage Model for Key File Deployment

Our previous blog posting explained the need for more usable and effective intelligent key management solutions for enterprises. We defined intelligent key management as a centralized enterprise product that is application aware, and that works at the lowest possible layer…

Sep 21, 2015

Thi Nguyen-Huu

Putting Intelligence in Key Management

Our previous blog posting established that storage encryption technologies, such as full disk encryption (FDE), and their associated key management functions should be separated from each other. (more…)

Jun 25, 2015

Thi Nguyen-Huu

Separating Encryption and Key Management

In our previous blog posting, we explored the shortcomings of software-based full disk encryption (FDE) and made the case for switching to self-encrypting drives (SED) in the long run. (more…)

Jun 8, 2015

Thi Nguyen-Huu

The Road Ahead for Full Disk Encryption

Software-based full disk encryption (FDE) technologies have been widely adopted to protect data stored on computing devices, most often laptops or desktops. (more…)

May 12, 2015

Thi Nguyen-Huu

When and where should sensitive data be encrypted? The revealing answers might surprise you!

“Extracting BitLocker keys from a TPM”

Pre-Boot Authentication: Wisdom in Security – Part 2

Pre-Boot Authentication: Wisdom in Security

Using Pre-Boot Networking to Improve Key File Deployment

WinMagic’s Two-Stage Model for Key File Deployment

Putting Intelligence in Key Management

Separating Encryption and Key Management

The Road Ahead for Full Disk Encryption

When and where should sensitive data be encrypted? The revealing answers might surprise you!

“Extracting BitLocker keys from a TPM”

Pre-Boot Authentication: Wisdom in Security – Part 2

Pre-Boot Authentication: Wisdom in Security

Using Pre-Boot Networking to Improve Key File Deployment

WinMagic’s Two-Stage Model for Key File Deployment

Putting Intelligence in Key Management

Separating Encryption and Key Management

The Road Ahead for Full Disk Encryption

WinMagic on Facebook

WinMagic on Twitter

WinMagic on YouTube

© 2012-2020 SecureSpeak WinMagic Data Security Blog