Solved

Want to encrypt all data on a laptop drive

Posted on 2006-06-22
5
585 Views
Last Modified: 2012-05-05
I have very very sensitive data sitting on a laptop that I must occasionally travel with.  I need to find out what software is the absolute best at encrypting data against theft.  Military grade is great, and cost is of little concern, though two or three suggestions with diff. price would be welcome.  Also it is important that it be fairly easy to implelemt.
Also, I wanted to be sure that if something is deleted from the harddrive, it is truly deleted.  I know there are a number of programs to do this.  What do you guys think is the best one?
Thanks so much for your suggestions!
0
Comment
Question by:thomasrmurray
5 Comments
 
LVL 32

Accepted Solution

by:
r-k earned 43 total points
ID: 16962994
The following is often recommended by Rich, the top expert on this list:

 http://www.truecrypt.org/

I haven't used it personally but it does seem very good.

For erasing a disk, I would suggest the following:

 http://dban.sourceforge.net/

If you work for the Military they may have specific requirements that you should check.
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 41 total points
ID: 16963332
:) I will indeed say truecrypt, as it's free, and has added security in certain situations. From a recent top 100 list

TrueCrypt is an excellent open source disk encryption system. Users can encrypt entire filesystems, which are then on-the-fly encrypted/decrypted as needed without user intervention beyond entering their passphrase intially. A clever hidden volume feature allows you to hide a 2nd layer of particularly sensitive content with plausible deniability about whether it exists. Then if you are forced to give up your passphrase, you give them the first-level secret. Even with that, attackers cannot prove that a second level key even exists.

Data erasure takes time, and the new standard seems to be the "Guttman method" http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
With encryption, even if the data store is found, they must then bruteforce their way in, adding in even more time/effort.
I recommend TrueCrypt because a leading cryptographer does, I've used it even before I saw the article on it http://www.schneier.com/blog/archives/2006/05/truecrypt.html

There are others, such as PGP that cost money and are also considered de facto standard software for such tasks. PGP is considerably harder to setup, but the use afterwards is easy as anything else. http://www.pgp.com/products/index.html

Expanding on that, I'd probably recommend the Seagate FDE drives, made for laptops. They are whole-disk encryption hardware devices, so nothing on your HD is ever plain-text. PGP/TrueCrypt/EFS and many others can do full disk encryption, but not of the bootable (commonly the "C:") partition or primary harddrive. However, they have not released them for sale yet...
http://www.xbitlabs.com/news/storage/display/20060607235730.html
http://www.anandtech.com/tradeshows/showdoc.aspx?i=2507&p=9

So until they are for sale, TrueCrypt get my vote, it's been out for 3+ years with no considerable falw found.
-rich
0
 
LVL 4

Assisted Solution

by:MalleusMaleficarum
MalleusMaleficarum earned 41 total points
ID: 16963584
On the commercial side, I've used a product called BestCrypt from Jetico Software.  They use standard 256-bit encryption algorithms and I like it because I can create a "container" and dump stuff into it and mount it and dismount it as I see fit.

(Website marketing blurb)
BestCrypt software keeps your confidential data in a strongly encrypted form on your disk and provides you with transparent access to it from any application. Keep your letters, databases, private information in an encrypted form on your hard disks, removable media, magneto-optical devices, CD ROMs, floppies or network disks - all within a standard operating environment. Read more about our Standard Edition and Corporate Edition.

For data erasure, Jetico also makes BCWipe which is their erasure tool.  I particularly like this tool because it has many levels of wiping (# of passes, 1's, 0's, random characters)  I also like that it will wipe the wiindows page file.  If you use the "Hibernate" feature (which stores a snapshot of RAM to a file) it will even wipe the hiberfil.sys file.

(Website marketing blurb)
BCWipe software is designed to securely delete files from disks and other media. Standard file deletion leaves the contents of the "deleted" file on your disk. Unless it has been overwritten by files saved afterwards, it can be recovered easily using standard disk utilities. BCWipe is fully integrated into the Windows Shell and efficiently shreds file data so that recovery by any means is impossible.

I am a gov. contractor and I use this product daily at work and at home.  With all the press of stolen gov. laptops lately here in the US, it only makes sense to adopt some kind of product like this.

0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

OnPage: Incident management and secure messaging on your smartphone
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question