NIST Drafts: Storage Encryption for End User Devices & Guide to SSL VPNs

• In today’s computing environment, there are many threats to the confidentiality of information stored on end user devices, such as personal computers, consumer devices (e.g., personal digital assistant, smart phone), and removable storage media (e.g., USB flash drive, memory card, external hard drive, writeable CD or DVD). Some threats are unintentional, such as human error, while others are intentional. These threats are posed by people with many different motivations, including causing mischief and disruption and committing identity theft and other fraud. A common threat against end user devices is loss or theft. Someone with physical access to a device has many options for attempting to view or copy the information stored on the device.
  http://csrc.nist.gov/publications/drafts/SP800-111/Draft-SP800-111.pdf

• Secure Sockets Layer (SSL) virtual private networks (VPN) provide secure remote access to an organization’s resources. A VPN is a virtual network, built on top of existing physical networks, which can provide a secure communications mechanism for data and other information transmitted between two endpoints. Because a VPN can be used over existing networks such as the Internet, it can facilitate the secure transfer of sensitive data across public networks.
  http://csrc.nist.gov/publications/drafts/SP800-113/Draft-SP800-113.pdf