Solved

Need a quick solution to hard drive encryption software please

Posted on 2011-09-19
5
278 Views
Last Modified: 2012-06-21
Need a solution that is not an administrative burden for IT dept.

Need "whole disk encryption" for Windows Professional.
Thank you!
Sheila Venable
svenable@lsfcu.net
0
Comment
Question by:sheilavenable
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 9

Expert Comment

by:Brian
ID: 36563358
I recommend TrueCrypt. www.truecrypt.com
0
 
LVL 6

Expert Comment

by:da3ve
ID: 36563555
I agree that TrueCrypt is a decent solution.

My company uses Guardian Edge's Hard Disk Encryption (now Symantec) which has some issues. When it works, it is great. Trying to recover from a bad hard disk can be challenging. Occasionally it seems to forget that there are users registered and all the users are locked out of the machine.

You mention not wanting to burden IT administratively. Unfortunately, any system is going to cause some quantity of work for IT. Encryption can become especially challenging when it fails to function correctly.

To further assist, please provide some more information about what you are trying to accomplish with disk encryption:
Is this going to be a one-off installation or are you looking for group/branch/department solution?
Does the IT group have an existing solution that isn't meeting their needs?
Do you need to be in compliance with SOX/HIPAA/GLBA/FISMA?

Thanks.
0
 

Author Comment

by:sheilavenable
ID: 36566238

Good Morning Master,
We are a financial institution with very little IT (2 people).  This will be our first solution.
Usually we purchase products from our data processor for support but for the last 4 years they have not come up with a solution.  I actually loaded TrueCrypt yesterday on my Windows 7 PC.  We have 10 laptops that need encryption and yes we need to be in compliance with GLBA.  Any advice you have on TrueCrypt and the way it should be set up would be greatly appreciated.
Thank you!
Sheila Venable

Need a solution that is not an administrative burden for IT dept.

Need "whole disk encryption" for Windows Professional.
Thank you!
Sheila Venable
svenable@lsfcu.net
0
 
LVL 6

Accepted Solution

by:
da3ve earned 500 total points
ID: 36568820
Thanks for the info.

http://www.randyjensenonline.com/blog/using-truecrypt-to-encrypt-your-entire-hard-drive

The above link is a pretty good step-by-step. AES is, in my mind, an acceptably secure algorithm and RIPEMD-160 hasn't any reported vulnerabilities yet.

Like any software solution, make sure that you keep your goals in mind.

Lets go into the deployment in general terms for a moment. It sounds like you need to use encryption for GLBA compliance without any undue burden on the users or the admin staff. Groovy. Some of the potential problems that you will face are going to be:
data recovery after hardware failure (motherboard/HDD)
data recovery from a disgruntled employee who has deleted all of their data
data recovery from a lost password
data recovery for a user on travel with the above problems

I would set up a testing plan to run through these scenarios (and any others I missed) before you go live. Once you have the software loaded, swap the HDD into a different machine (same model) and see if the password will work. Boot to the recovery disk and see if you can recover files to a USB or network drive without using the drive password. Try doing an undelete to recover deleted documents from an encrypted disk. Document everything so that you aren't left hanging when something bad happens.

You'll probably want to implement policy to get the users into backing up laptop data (perhaps automatically) to a server so you have a current copy in case all of the recovery methods fail.

You'll definitely want a good (and backed-up) archive of all the recovery disk .ISO images on a share for the admins.

HTH.
0
 

Author Closing Comment

by:sheilavenable
ID: 36588333
Thank you very much for your advise!
I really appreciate it!
Sheila Venable
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever had a hard drive that you can't boot into, but need to change the registry? Here is the solution! This article guides you through accessing and editing a registry of a non-primary drive. To read registry information on a non-prim…
When you upgrade from Windows 8 to 8.1 or to Windows 10 or if you are like me you are on the Insider Program you may find yourself with many 450MB recovery partitions.  With a traditional disk that may not be a problem but with relatively smaller SS…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question