Solved

Need a quick solution to hard drive encryption software please

Posted on 2011-09-19
5
284 Views
Last Modified: 2012-06-21
Need a solution that is not an administrative burden for IT dept.

Need "whole disk encryption" for Windows Professional.
Thank you!
Sheila Venable
svenable@lsfcu.net
0
Comment
Question by:sheilavenable
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 9

Expert Comment

by:Brian
ID: 36563358
I recommend TrueCrypt. www.truecrypt.com
0
 
LVL 6

Expert Comment

by:da3ve
ID: 36563555
I agree that TrueCrypt is a decent solution.

My company uses Guardian Edge's Hard Disk Encryption (now Symantec) which has some issues. When it works, it is great. Trying to recover from a bad hard disk can be challenging. Occasionally it seems to forget that there are users registered and all the users are locked out of the machine.

You mention not wanting to burden IT administratively. Unfortunately, any system is going to cause some quantity of work for IT. Encryption can become especially challenging when it fails to function correctly.

To further assist, please provide some more information about what you are trying to accomplish with disk encryption:
Is this going to be a one-off installation or are you looking for group/branch/department solution?
Does the IT group have an existing solution that isn't meeting their needs?
Do you need to be in compliance with SOX/HIPAA/GLBA/FISMA?

Thanks.
0
 

Author Comment

by:sheilavenable
ID: 36566238

Good Morning Master,
We are a financial institution with very little IT (2 people).  This will be our first solution.
Usually we purchase products from our data processor for support but for the last 4 years they have not come up with a solution.  I actually loaded TrueCrypt yesterday on my Windows 7 PC.  We have 10 laptops that need encryption and yes we need to be in compliance with GLBA.  Any advice you have on TrueCrypt and the way it should be set up would be greatly appreciated.
Thank you!
Sheila Venable

Need a solution that is not an administrative burden for IT dept.

Need "whole disk encryption" for Windows Professional.
Thank you!
Sheila Venable
svenable@lsfcu.net
0
 
LVL 6

Accepted Solution

by:
da3ve earned 500 total points
ID: 36568820
Thanks for the info.

http://www.randyjensenonline.com/blog/using-truecrypt-to-encrypt-your-entire-hard-drive

The above link is a pretty good step-by-step. AES is, in my mind, an acceptably secure algorithm and RIPEMD-160 hasn't any reported vulnerabilities yet.

Like any software solution, make sure that you keep your goals in mind.

Lets go into the deployment in general terms for a moment. It sounds like you need to use encryption for GLBA compliance without any undue burden on the users or the admin staff. Groovy. Some of the potential problems that you will face are going to be:
data recovery after hardware failure (motherboard/HDD)
data recovery from a disgruntled employee who has deleted all of their data
data recovery from a lost password
data recovery for a user on travel with the above problems

I would set up a testing plan to run through these scenarios (and any others I missed) before you go live. Once you have the software loaded, swap the HDD into a different machine (same model) and see if the password will work. Boot to the recovery disk and see if you can recover files to a USB or network drive without using the drive password. Try doing an undelete to recover deleted documents from an encrypted disk. Document everything so that you aren't left hanging when something bad happens.

You'll probably want to implement policy to get the users into backing up laptop data (perhaps automatically) to a server so you have a current copy in case all of the recovery methods fail.

You'll definitely want a good (and backed-up) archive of all the recovery disk .ISO images on a share for the admins.

HTH.
0
 

Author Closing Comment

by:sheilavenable
ID: 36588333
Thank you very much for your advise!
I really appreciate it!
Sheila Venable
0

Featured Post

[Webinar] Code, Load, and Grow

Managing multiple websites, servers, applications, and security on a daily basis? Join us for a webinar on May 25th to learn how to simplify administration and management of virtual hosts for IT admins, create a secure environment, and deploy code more effectively and frequently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article covers how to install the Microsoft Windows Operating System (OS). What is covered in this article:  > Different Versions and Editions of the Windows OS  > Upgrading versus Fresh Installation of the OS           - Steps to take pr…
Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question