Solved

Encrypt laptop hard drives

Posted on 2009-05-14
12
655 Views
Last Modified: 2012-06-22
I have the task of ensuring all of our laptop hard drive must be encrpted incase of theft or loss.  Please advisor of a good corporate program to encrypt entire hard drive.  Thanks for your help!
0
Comment
Question by:hookssystems
  • 4
  • 2
  • 2
  • +3
12 Comments
 
LVL 15

Accepted Solution

by:
MYCU earned 250 total points
ID: 24385974
The program we use for our laptops is PGP. You can find more information about it here:
http://www.pgp.com/products/wholediskencryption/

Hope this helps.
0
 

Author Comment

by:hookssystems
ID: 24386204
Are you able to manage laptop hard drvice encryption with this product from a central console.  Forgot to mention that part in my original post.  Thanks.
0
 

Author Comment

by:hookssystems
ID: 24386287
Just found it.  It is called PGP Universal Server.  Thanks.
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 250 total points
ID: 24401255
PGP gave us disappointing and unbearable performance and the price was the worst, and we got the best performance from seagate drives that use hardware encryption and managed them using Embassy's suite: http://www.wave.com/products/ But to replace all our laptop HD's was going to be too costly, so we went with PointSec from Checkpoint: http://www.checkpoint.com/products/datasecurity/pc/
If you only have a few LT's then I'd suggest TrueCrypt: http://www.truecrypt.org/
Pointsec and Seagate (and pgp as well) are FIPS-140 certified if that makes a difference in your environment. We went through 3 PGP resellers, and none of them could make a dent in the price like those same resellers did for PointSec.
-rich
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 24401270
0
 
LVL 1

Expert Comment

by:mdktch
ID: 24612937
The industry leading Enterprise Drive Encryption tool i would suggest is McAfee End Point Encryption (Formerly SafeBoot) or Checkpoints PointSec. The McAfee Endpoint encryption has more advantages considering the features such as

Enterprise WEB Console for Administering the tool, easy password reset/recover for end user. Extensive automation through inbuilt scripting command line tool. This tool takes approximately 15 minutes to encrypt entire drive of 80 GB.

You can find much more information on this here http://www.mcafee.com/us/enterprise/products/data_protection/data_encryption/endpoint_encryption.html 
0
 

Expert Comment

by:Rouzell
ID: 35199026
This topic was closed nearly two years ago, now. Would any of the experts here have an update based on more current offerings? I'll be looking at TrueCrypt and PointSec today. Symatnec's PGP is $700 for a 5-pack, which is more than I need. Other suggestions would be most helpful. Thank you. BR
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 35199589
Nothing has changed for us, TC isn't managable if you deploy hundreds of laptops, the recovery CD"s and Keys would have to have very reliable backup's. PointSec has been good, but I'd prefer a hardware solution like Seagate's momentus drives as you can dual-boot with them better than PGP/Pointsec, TC does have the dual-boot option for Mac/linux/win32 however. Ponitsec's Mac/Apple offerings aren't that great, and PGP didn't have one when we talked to them last.
http://www.credant.com/products/credant-drivemanager.html I believe they can manage momentus (probably others too) These guys too manage Seagates FDE drives: http://www.wave.com/ We didn't do a PoC with either, but I would of liked to, especially since Dell will ship the drives in the LT's
-rich
0
 

Expert Comment

by:jp415
ID: 36921789
I am new to my current work environment and have been tasked with researching alternate solutions to TrueCrypt, the currently used solution for approximately 100+ laptops.  The reported issues with TC being:
1. Working remotely on laptops, someone must be around to enter the encryption password if the latpop is restarted
2. Dell laptops cannot boot while docked if the drive is encrypted
3. Problems in Windows that require direct access to the drive for repair require us to decrypt the drive before proceeding.

I started my research here to get an idea of what others recommend.  I have to agree that TC isn't managable for large centerally managed environments.
-JP415
0
 

Expert Comment

by:Rouzell
ID: 36922482
My solution was http://www.truecrypt.org/ and since I only had to do this on two computers, it was easy enough and nearly painless. The learning curve was pretty flat and as yet, I have had no issues with either computer. If issues do arise, I imagine the encryption will add to the complexity of the repairs. However, fewer problems have been reported since encryption was implemented, so that may be the very protection necessary to keep users out of trouble with intruders? Let's hope. BR
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 36925649
TC will allow you to mount the drives if you remove them and use a sata/ide to usb type of setup. You can chkdsk and defragment much quicker that way, however it requires physical access. Our Dell's were able to be docked when we tried TC, not sure what the issue is there. PointSec also requires the drives to be decrypted fully unless you mount them as I described above. Pointsec can boot windows and ask for the decryption password before logging in, but it's an insecure option in our opinion. The Seagate drives are the same as TC, password to boot is required so remote reboots would suffer just like in the TC encrypted drives. These too can be mounted and maintenance preformed if you have the seagate or 3rd party software installed.
-rich
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
EFS and One Drive for Business 2 148
End to End email encryption solution for enterprise 3 84
PGP key : industry standard 2 79
Zepto Ransomware - Decrypt/Restore files 5 262
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question