Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Server Disk Encryption for Shared drives Windows Server 2008

Posted on 2011-10-10
9
Medium Priority
?
562 Views
Last Modified: 2013-12-04
Hi
I have a windows 08 server and was starting to explore the idea of possible running encryption on the shared netowkr drives.
I was not impressed with the bit locker installation tactics.
What other software has anyone else used in this situation.
Also how does it work with keys etc. How would a pc user on the network access a encrypted shared drive.
0
Comment
Question by:valmatic
  • 3
  • 3
7 Comments
 
LVL 4

Expert Comment

by:sravi2208
ID: 36942720
0
 
LVL 7

Author Comment

by:valmatic
ID: 36942928
do you think this is something to run on a windows server in a network environment?
0
 
LVL 7

Author Comment

by:valmatic
ID: 36942951
never mind, it says ontheir site not compatible with windows sever, anyone else have any suggestions here..
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 38

Accepted Solution

by:
Rich Rumble earned 1500 total points
ID: 36953403
Drive encryption only protects data when the drive isn't mounted or is offline (powered off/down). If you use a program like TrueCrypt to encrypt a drive/folder or file, once I mount that container, I see it as any other drive/file/folder. The data I copy from that container when it's mounted will be sent in plain-text. If it's not mounted, and I copy the container itself, it's still protected. This holds true for Full Disk Encryption too, when my LT is off, the data is well protected. Once I boot up, and put in the password, it looks like any other HD on the network, so anyone with access to my C$ for example, can see the data just fine. This is true of all encryption software, they are protecting data at rest essentially. Now if someone doesn't have the password, they can't mount the container, so the data is safe, but a keylogger or people sharing a password can be an issue. TrueCrypt offer the "key files" option that will thwart all keyloggers, as you use a file (browse to the file) to be your second "password" that uses no keystrokes.
-rich
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 36953423
Just a note, TC is "supported" on all windows system, just not the Full Disk Encryption portion for the following windows flavors:
Note: The following operating systems (among others) are not supported: Windows 2003 IA-64, Windows 2008 IA-64, Windows XP IA-64, and the Embedded/Tablet versions of Windows.
Again that's for the Operating System, all of "c:" if you will. Other windows 2008 flavors are supported and I've used with no issue. Depending on what your trying to protect, TC works very well on partitions, files, folders and entire drives just fine, it's the bootable OS that has the caveat.
Let me know what other questions you may have, also that article was from 2008, and I don't agree with the authors first paragraph, TC is not FIPS 140-2 certified so it cannot be used on Gov't systems just because it uses AES... Sorry when I read that I cringed.
-rich
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 36953434
http://www.nist.org/news.php?extend.167
Another point that should be mentioned, though TrueCrypt offers a NIST FIPS approved algorithm (AES) the application is not on the NIST.gov Advanced Encryption Standard Algorithm Validation List meaning it is not FIPS approved for U.S. Government use. With recent OMB mandates to implement data encryption some smaller agencies may not understand that just because a product advertises that it uses "FIPS approved AES encryption" (or words to that effect) that does not mean the application's encryption modules are NIST.gov approved.
-rich
0
 
LVL 7

Author Closing Comment

by:valmatic
ID: 36956722
ok thanks
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Each password manager has its own problems in dealing with certain websites and their login methods. In Part 1, I review the Top 5 Password Managers that I've found to be the best. In Part 2 we'll look at which ones co-exist together and why it'…
I’m willing to make a bet that your organization stores sensitive data in your Windows File Servers; files and folders that you really don’t want making it into the wrong hands.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question