Solved

encrypt laptop harddisk

Posted on 2007-04-02
21
448 Views
Last Modified: 2013-11-17
Hello

I have about 20 laptops and I need to encrypt the disk drives. Is there a total disk encryption solution that would encrypt the laptop's hard drive and make the data irrecoverable if the laptop is lost / stolen etc.?

I'd prefer activation of the laptop / data with a fingerprint scanner at boot time if at all possible but a password would be ok too.
0
Comment
Question by:eggster34
  • 7
  • 5
  • 2
  • +6
21 Comments
 
LVL 16

Expert Comment

by:AlexNek
Comment Utility
How about password? It is in most laptop already realzed. HDD password called.
0
 
LVL 32

Expert Comment

by:r-k
Comment Utility
If you plan to use Windows Vista Ultimate or Enterprise, you can use Bitlocker:

 http://technet2.microsoft.com/WindowsVista/en/library/ba1a3800-ce29-4f09-89ef-65bce923cdb51033.mspx?mfr=true

No matter what, you want to have a plan for data recovery, else a lost password can mean the entire disk lost forever.

I would be also be cautious about the bios/chip lavel password protection. Apparently that can be broken - the only true protection is encryption, and then also if properly implemented.
0
 
LVL 32

Expert Comment

by:r-k
Comment Utility
If you're not running Vista then look at Truecrypt: http://www.truecrypt.org/
It is free and effective, but I think it can only encrypt a partition, not an entire drive, which might be OK if you can arrange to put everything of value on that partition.
0
 
LVL 16

Expert Comment

by:AlexNek
Comment Utility
http://www.heise.de/ct/english/05/08/172/
Yes, it can be broken but not so easy. Any other protection can be broken too.
0
 
LVL 32

Expert Comment

by:r-k
Comment Utility
Yes, your link confirms it, I have heard other cases also where the hardware password protection was broken, so it should not be trusted for true protection.

However, I must disagree that encryption can be always broken, at least at the present. When properly implemented, it is currently impossible to decipher encrypted data. This is not always a good thing, because this list has had many postings from people trying to recover data in vain after "forgot the password" or "system crash" etc. So I would say that implementing and testing a recovery process under all possible scenarios is probably as important, if not more so, than doing the encryption itself.
0
 
LVL 16

Expert Comment

by:AlexNek
Comment Utility
> so it should not be trusted for true protection
Could you try to broken it?
>....I must disagree that encryption can be always broken
It is only depends how important information is. Try to ask CIA. ;)
0
 
LVL 32

Expert Comment

by:r-k
Comment Utility
"Could you try to broken it?"

LOL - I am sure I will fail.

"... ask CIA"

We will hope the asker is not trying to protect his data from the CIA :)
0
 
LVL 16

Expert Comment

by:AlexNek
Comment Utility
>I am sure I will fail
I was tried it and I fail too. It is possible that I can do it but I don't want to spend more time because I was only interested on hard disk using.

>We will hope the asker is not trying to protect his data from the CIA :)
That is my point of view. I suspect that asker don't want to get any easy access to data.
That means - it can be enough already implemented protection.
0
 

Author Comment

by:eggster34
Comment Utility
simple hdd passwords would not work for me.I need a professional package that would encrypt my whole drive and make it unusable in the event of loss / theft.
0
 
LVL 16

Expert Comment

by:AlexNek
Comment Utility
>simple hdd passwords would not work for me.
It is not as simple as you can think. ".. and make it unusable in the event of loss / theft." - for this case it works.

>I need a professional package that would encrypt my whole drive and make it unusable in the event of loss / theft.
In this case you need to know only the password too. Good package have a good price too.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 16

Expert Comment

by:AlexNek
Comment Utility
0
 
LVL 16

Expert Comment

by:AlexNek
Comment Utility
0
 
LVL 32

Expert Comment

by:r-k
Comment Utility
Can you please clarify if you plan to use Vista. If so, I would suggest Bitlocker, which I believe can encrypt an entire volume. Here is another overview:

 http://www.microsoft.com/technet/technetmag/issues/2006/05/FirstLook/?related=/technet/technetmag/issues/2006/05/FirstLook

0
 
LVL 5

Expert Comment

by:drtoto82
Comment Utility
I have an advice ... Don't use bitlocker or any full hdd encryption . BECAUSE :
If I have a system , and my system fails for whatever reason and I want to reinstall and use my already existing data , I can do that if the whole systemis encrypted.
BUT
U can use EFS or so for as much folders as u like and export the key in a safe place . So that if your system fails for whatever reason , u can restore the data after reinstalling it.
It is all about your data for you . and in both scenarios , the files will be encrypted if the laptop is stolen . Got the point . !!
0
 

Expert Comment

by:vietsonvpc
Comment Utility
drtoto82: its nice solution that use MS's solution
and use can set a recovery authorities if u dont want  to export the key or working in more than 100 laptops. but its require Domain server


----------------------------------------------------
www.ocdplaza.com
0
 
LVL 4

Expert Comment

by:webadministrator
Comment Utility
Kindly check this
http://www.experts-exchange.com/Security/Misc/Q_22092679.html
I discussed the same sort of software in this question.
0
 
LVL 30

Expert Comment

by:pgm554
Comment Utility
The Bitlocker seems to be the way to go,but you need a TPM BIOS that supports it.
So if you don't have a TPM BIOS,you would need to go to a third part of some sorts.

Dell's D620 has this feature.
0
 

Author Comment

by:eggster34
Comment Utility
I'm not going to use Vista, yet :)
I really can't use EFS, it has to encrypt the whole drive.
0
 
LVL 30

Accepted Solution

by:
pgm554 earned 500 total points
Comment Utility
Here's a list of full encryption 3rd party vendors:

http://www.full-disc-encryption.com/Full_Disc_Encryption.html
0
 
LVL 2

Expert Comment

by:melmitts707
Comment Utility
How about something like this --

http://sourceforge.net/projects/truecrypt/
0
 
LVL 1

Expert Comment

by:devruiz
Comment Utility
Got to:   http://www.pgp.com/

The software gives you a pre-boot password, and encrypts the entire HD. I've used it many times, and it is excellent.

If you plan on getting new machines in the future, what I have done for a few clients, is got the Dell's (you could get any model) with the finger print reader in them. The Dells come with a very nice software package which includes Fingerprint Password Logon, PRE BOOT/BIOS passwords, and full disk encryption. VERY secure.


0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now