[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Encrypt laptop hard drives

Posted on 2009-05-14
12
Medium Priority
?
672 Views
Last Modified: 2012-06-22
I have the task of ensuring all of our laptop hard drive must be encrpted incase of theft or loss.  Please advisor of a good corporate program to encrypt entire hard drive.  Thanks for your help!
0
Comment
Question by:hookssystems
  • 4
  • 2
  • 2
  • +3
11 Comments
 
LVL 15

Accepted Solution

by:
MYCU earned 1000 total points
ID: 24385974
The program we use for our laptops is PGP. You can find more information about it here:
http://www.pgp.com/products/wholediskencryption/

Hope this helps.
0
 

Author Comment

by:hookssystems
ID: 24386204
Are you able to manage laptop hard drvice encryption with this product from a central console.  Forgot to mention that part in my original post.  Thanks.
0
 

Author Comment

by:hookssystems
ID: 24386287
Just found it.  It is called PGP Universal Server.  Thanks.
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 1000 total points
ID: 24401255
PGP gave us disappointing and unbearable performance and the price was the worst, and we got the best performance from seagate drives that use hardware encryption and managed them using Embassy's suite: http://www.wave.com/products/ But to replace all our laptop HD's was going to be too costly, so we went with PointSec from Checkpoint: http://www.checkpoint.com/products/datasecurity/pc/
If you only have a few LT's then I'd suggest TrueCrypt: http://www.truecrypt.org/
Pointsec and Seagate (and pgp as well) are FIPS-140 certified if that makes a difference in your environment. We went through 3 PGP resellers, and none of them could make a dent in the price like those same resellers did for PointSec.
-rich
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 24401270
0
 
LVL 1

Expert Comment

by:mdktch
ID: 24612937
The industry leading Enterprise Drive Encryption tool i would suggest is McAfee End Point Encryption (Formerly SafeBoot) or Checkpoints PointSec. The McAfee Endpoint encryption has more advantages considering the features such as

Enterprise WEB Console for Administering the tool, easy password reset/recover for end user. Extensive automation through inbuilt scripting command line tool. This tool takes approximately 15 minutes to encrypt entire drive of 80 GB.

You can find much more information on this here http://www.mcafee.com/us/enterprise/products/data_protection/data_encryption/endpoint_encryption.html 
0
 

Expert Comment

by:Rouzell
ID: 35199026
This topic was closed nearly two years ago, now. Would any of the experts here have an update based on more current offerings? I'll be looking at TrueCrypt and PointSec today. Symatnec's PGP is $700 for a 5-pack, which is more than I need. Other suggestions would be most helpful. Thank you. BR
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 35199589
Nothing has changed for us, TC isn't managable if you deploy hundreds of laptops, the recovery CD"s and Keys would have to have very reliable backup's. PointSec has been good, but I'd prefer a hardware solution like Seagate's momentus drives as you can dual-boot with them better than PGP/Pointsec, TC does have the dual-boot option for Mac/linux/win32 however. Ponitsec's Mac/Apple offerings aren't that great, and PGP didn't have one when we talked to them last.
http://www.credant.com/products/credant-drivemanager.html I believe they can manage momentus (probably others too) These guys too manage Seagates FDE drives: http://www.wave.com/ We didn't do a PoC with either, but I would of liked to, especially since Dell will ship the drives in the LT's
-rich
0
 

Expert Comment

by:jp415
ID: 36921789
I am new to my current work environment and have been tasked with researching alternate solutions to TrueCrypt, the currently used solution for approximately 100+ laptops.  The reported issues with TC being:
1. Working remotely on laptops, someone must be around to enter the encryption password if the latpop is restarted
2. Dell laptops cannot boot while docked if the drive is encrypted
3. Problems in Windows that require direct access to the drive for repair require us to decrypt the drive before proceeding.

I started my research here to get an idea of what others recommend.  I have to agree that TC isn't managable for large centerally managed environments.
-JP415
0
 

Expert Comment

by:Rouzell
ID: 36922482
My solution was http://www.truecrypt.org/ and since I only had to do this on two computers, it was easy enough and nearly painless. The learning curve was pretty flat and as yet, I have had no issues with either computer. If issues do arise, I imagine the encryption will add to the complexity of the repairs. However, fewer problems have been reported since encryption was implemented, so that may be the very protection necessary to keep users out of trouble with intruders? Let's hope. BR
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 36925649
TC will allow you to mount the drives if you remove them and use a sata/ide to usb type of setup. You can chkdsk and defragment much quicker that way, however it requires physical access. Our Dell's were able to be docked when we tried TC, not sure what the issue is there. PointSec also requires the drives to be decrypted fully unless you mount them as I described above. Pointsec can boot windows and ask for the decryption password before logging in, but it's an insecure option in our opinion. The Seagate drives are the same as TC, password to boot is required so remote reboots would suffer just like in the TC encrypted drives. These too can be mounted and maintenance preformed if you have the seagate or 3rd party software installed.
-rich
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
When you put your credit card number into a website for an online transaction, surely you know to look for signs of a secure website such as the padlock icon in the web browser or the green address bar.  This is one way to protect yourself from oth…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question