Laptop Hard Drive Encryption
Posted on 2009-05-09
I am looking for a straightforward encryption solution for the hard drives I use with my Dell Precision M2400 laptop (with 64-bit Vista). I am using Intel Rapid Recover Technology (IRRT) to clone a full recovery disk, so in addition to my primary hard drive I will always have a backup clone of my entire system lying around. Since Dell laptops are designed to make the hard drives easily removable, I have two hard drives that are easily accessible if anyone wanted to get access to my data. I would like to protect my data, preferably in such a way that does not affect system performance too much AND also supports disaster recovery so that I am not left with a cloned recovery brick if the system fails or is stolen. I would also like to use my recovery drive occasionally as a slave drive on other systems when I need to transfer a lot of data.
So although my system supports TPM-based full disk encryption either through the Wave Systems software provided by Dell or through Bitlocker, if I understand how these work these do not provide any kind of disaster recovery capability or access to my data once the drive is removed from the system. The Wave Systems method is appealing since the disk locking feature is enabled once the system is powered down, so I am guessing does not affect performance while the system is running.
I am open to hardware-based solutions using RFID keys, smartcards or other creative ideas. Ideally I would like to find a clever software solution that is password based where it is possible to access the disk unlocking software when slaving the drive even if the data is encrypted. I remember looking at the spec for a Seagate Momentus encrypted hard drive, but if I recall correctly formatting the drive removed the encryption. Since IRRT wipes the data in order to create a recovery drive, I am not sure if these would be the answer.