Need a quick solution to hard drive encryption software please

Need a solution that is not an administrative burden for IT dept.

Need "whole disk encryption" for Windows Professional.
Thank you!
Sheila Venable
svenable@lsfcu.net
sheilavenableAsked:
Who is Participating?
 
da3veConnect With a Mentor Commented:
Thanks for the info.

http://www.randyjensenonline.com/blog/using-truecrypt-to-encrypt-your-entire-hard-drive

The above link is a pretty good step-by-step. AES is, in my mind, an acceptably secure algorithm and RIPEMD-160 hasn't any reported vulnerabilities yet.

Like any software solution, make sure that you keep your goals in mind.

Lets go into the deployment in general terms for a moment. It sounds like you need to use encryption for GLBA compliance without any undue burden on the users or the admin staff. Groovy. Some of the potential problems that you will face are going to be:
data recovery after hardware failure (motherboard/HDD)
data recovery from a disgruntled employee who has deleted all of their data
data recovery from a lost password
data recovery for a user on travel with the above problems

I would set up a testing plan to run through these scenarios (and any others I missed) before you go live. Once you have the software loaded, swap the HDD into a different machine (same model) and see if the password will work. Boot to the recovery disk and see if you can recover files to a USB or network drive without using the drive password. Try doing an undelete to recover deleted documents from an encrypted disk. Document everything so that you aren't left hanging when something bad happens.

You'll probably want to implement policy to get the users into backing up laptop data (perhaps automatically) to a server so you have a current copy in case all of the recovery methods fail.

You'll definitely want a good (and backed-up) archive of all the recovery disk .ISO images on a share for the admins.

HTH.
0
 
BrianCommented:
I recommend TrueCrypt. www.truecrypt.com
0
 
da3veCommented:
I agree that TrueCrypt is a decent solution.

My company uses Guardian Edge's Hard Disk Encryption (now Symantec) which has some issues. When it works, it is great. Trying to recover from a bad hard disk can be challenging. Occasionally it seems to forget that there are users registered and all the users are locked out of the machine.

You mention not wanting to burden IT administratively. Unfortunately, any system is going to cause some quantity of work for IT. Encryption can become especially challenging when it fails to function correctly.

To further assist, please provide some more information about what you are trying to accomplish with disk encryption:
Is this going to be a one-off installation or are you looking for group/branch/department solution?
Does the IT group have an existing solution that isn't meeting their needs?
Do you need to be in compliance with SOX/HIPAA/GLBA/FISMA?

Thanks.
0
 
sheilavenableAuthor Commented:

Good Morning Master,
We are a financial institution with very little IT (2 people).  This will be our first solution.
Usually we purchase products from our data processor for support but for the last 4 years they have not come up with a solution.  I actually loaded TrueCrypt yesterday on my Windows 7 PC.  We have 10 laptops that need encryption and yes we need to be in compliance with GLBA.  Any advice you have on TrueCrypt and the way it should be set up would be greatly appreciated.
Thank you!
Sheila Venable

Need a solution that is not an administrative burden for IT dept.

Need "whole disk encryption" for Windows Professional.
Thank you!
Sheila Venable
svenable@lsfcu.net
0
 
sheilavenableAuthor Commented:
Thank you very much for your advise!
I really appreciate it!
Sheila Venable
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.