Solved

Encrypt laptop hard drives

Posted on 2009-05-14
12
651 Views
Last Modified: 2012-06-22
I have the task of ensuring all of our laptop hard drive must be encrpted incase of theft or loss.  Please advisor of a good corporate program to encrypt entire hard drive.  Thanks for your help!
0
Comment
Question by:hookssystems
  • 4
  • 2
  • 2
  • +3
12 Comments
 
LVL 15

Accepted Solution

by:
MYCU earned 250 total points
ID: 24385974
The program we use for our laptops is PGP. You can find more information about it here:
http://www.pgp.com/products/wholediskencryption/

Hope this helps.
0
 

Author Comment

by:hookssystems
ID: 24386204
Are you able to manage laptop hard drvice encryption with this product from a central console.  Forgot to mention that part in my original post.  Thanks.
0
 

Author Comment

by:hookssystems
ID: 24386287
Just found it.  It is called PGP Universal Server.  Thanks.
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 250 total points
ID: 24401255
PGP gave us disappointing and unbearable performance and the price was the worst, and we got the best performance from seagate drives that use hardware encryption and managed them using Embassy's suite: http://www.wave.com/products/ But to replace all our laptop HD's was going to be too costly, so we went with PointSec from Checkpoint: http://www.checkpoint.com/products/datasecurity/pc/
If you only have a few LT's then I'd suggest TrueCrypt: http://www.truecrypt.org/
Pointsec and Seagate (and pgp as well) are FIPS-140 certified if that makes a difference in your environment. We went through 3 PGP resellers, and none of them could make a dent in the price like those same resellers did for PointSec.
-rich
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 24401270
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 1

Expert Comment

by:mdktch
ID: 24612937
The industry leading Enterprise Drive Encryption tool i would suggest is McAfee End Point Encryption (Formerly SafeBoot) or Checkpoints PointSec. The McAfee Endpoint encryption has more advantages considering the features such as

Enterprise WEB Console for Administering the tool, easy password reset/recover for end user. Extensive automation through inbuilt scripting command line tool. This tool takes approximately 15 minutes to encrypt entire drive of 80 GB.

You can find much more information on this here http://www.mcafee.com/us/enterprise/products/data_protection/data_encryption/endpoint_encryption.html
0
 

Expert Comment

by:Rouzell
ID: 35199026
This topic was closed nearly two years ago, now. Would any of the experts here have an update based on more current offerings? I'll be looking at TrueCrypt and PointSec today. Symatnec's PGP is $700 for a 5-pack, which is more than I need. Other suggestions would be most helpful. Thank you. BR
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 35199589
Nothing has changed for us, TC isn't managable if you deploy hundreds of laptops, the recovery CD"s and Keys would have to have very reliable backup's. PointSec has been good, but I'd prefer a hardware solution like Seagate's momentus drives as you can dual-boot with them better than PGP/Pointsec, TC does have the dual-boot option for Mac/linux/win32 however. Ponitsec's Mac/Apple offerings aren't that great, and PGP didn't have one when we talked to them last.
http://www.credant.com/products/credant-drivemanager.html I believe they can manage momentus (probably others too) These guys too manage Seagates FDE drives: http://www.wave.com/ We didn't do a PoC with either, but I would of liked to, especially since Dell will ship the drives in the LT's
-rich
0
 

Expert Comment

by:jp415
ID: 36921789
I am new to my current work environment and have been tasked with researching alternate solutions to TrueCrypt, the currently used solution for approximately 100+ laptops.  The reported issues with TC being:
1. Working remotely on laptops, someone must be around to enter the encryption password if the latpop is restarted
2. Dell laptops cannot boot while docked if the drive is encrypted
3. Problems in Windows that require direct access to the drive for repair require us to decrypt the drive before proceeding.

I started my research here to get an idea of what others recommend.  I have to agree that TC isn't managable for large centerally managed environments.
-JP415
0
 

Expert Comment

by:Rouzell
ID: 36922482
My solution was http://www.truecrypt.org/ and since I only had to do this on two computers, it was easy enough and nearly painless. The learning curve was pretty flat and as yet, I have had no issues with either computer. If issues do arise, I imagine the encryption will add to the complexity of the repairs. However, fewer problems have been reported since encryption was implemented, so that may be the very protection necessary to keep users out of trouble with intruders? Let's hope. BR
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 36925649
TC will allow you to mount the drives if you remove them and use a sata/ide to usb type of setup. You can chkdsk and defragment much quicker that way, however it requires physical access. Our Dell's were able to be docked when we tried TC, not sure what the issue is there. PointSec also requires the drives to be decrypted fully unless you mount them as I described above. Pointsec can boot windows and ask for the decryption password before logging in, but it's an insecure option in our opinion. The Seagate drives are the same as TC, password to boot is required so remote reboots would suffer just like in the TC encrypted drives. These too can be mounted and maintenance preformed if you have the seagate or 3rd party software installed.
-rich
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

A few customers have recently asked my thoughts on Password Managers.  As Security is a big part of our industry I was initially very hesitant and sceptical about giving a program all of my secret passwords.  But as I was getting asked about them mo…
Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now