Solved

Laptop security and encryption

Posted on 2012-03-15
9
793 Views
Last Modified: 2016-11-23
I would like to hear from people that have a system in place for laptop security / encryption for people who are travelling for work and my lose or get their laptops stolen. What type of security ( Remote Wipe, etc) and data encryption is best used on a Dell shop with a mix of XP and WINDOWS 7.

thanks
0
Comment
Question by:Goraps
9 Comments
 
LVL 2

Expert Comment

by:getzie
ID: 37726370
We called Dell too and they hooked us up with WinMagic which is working out pretty well.  They had also suggested upgrading all machines with self-encrypted drives but we didn't feel that was going to fly at this time.  http://www.winmagic.com/.  We chose whole drive encryption over whole data encryption.  We also wanted something to integrate with our AD, which is 'sorta' does, at least administratively.  It works for both local and remote users just fine.
0
 
LVL 13

Expert Comment

by:lee555J5
ID: 37726403
We are in the process of moving away from Win XP using Credant software to Win 7 using Windows BitLocker. Credant is horrible and slow. BitLocker is fully integrated in Win 7 and Windows Server 2008 AD. As I said, "in the process", so no experience with BitLocker yet.

Lee
0
 
LVL 5

Expert Comment

by:Guyver-it
ID: 37726415
I agree with getzie, but you could also try truecrypt.

Its FREE! open-source and is compatible with Windows 7/Vista/XP, Mac OS X, and Linux.
We use it and have never had any issues thus far.

Their link is: http://www.truecrypt.org/
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 54

Accepted Solution

by:
McKnife earned 500 total points
ID: 37727179
Hi there.
> What type of security ( Remote Wipe, etc) and data encryption is best used on a Dell shop with a mix of XP and WINDOWS 7.
Well... what could you mean by "a Dell shop"? I know Dell, of course. But, what is even harder: what could "best" mean for you? What are your needs? Your question cannot be answered without you specifying some details first.

We use PGP WDE 10 company wide on about 100 machines. Let me tell you some details and what I like about it:
-Deployable as preconfigured MSI package to any windows from xp onwards and x86/x64
-Encrypts the whole drive
-Knows single sign on = keeps synchronizing with your windows password changes and automatically logs on to windows - this is definitely the biggest advantage
-can be used with multiple keys (one per user, think of shared laptops!)
-can be re-configured from a central server at any time
-knows a self-destroying mechanism
-per-user-licensing, so 1 license can be used on several machines that user owns
-offers self-help against lockouts (security questions)
-auto detects encrypted additional (external/usb) disks that you connect
-quick bootup mechanism (believe me, that is important! and not any encryption is able to do it that quick)
-highly hardware compatible (better than competitors I have seen)
-can be setup to encrypt automatically ("silent enrollment")
-can be setup to script-bypass the encryption after a reboot (VERY important for remote management!)
-knows master passwords (fit anywhere) and recovery tokens (think of a second key only the admins have) so admins can easily unlock machines

Of course, it's not free. You will have to calculate more than 100USD per user plus yearly maintenance fees (prices vary depending on number of licenses).

There is no free software to be found that has all these features. I am 100% sure that any admin that administers more than let's say 20 machines will go mad with free solutions that don't offer such features because those will eat up his time and nerves.
0
 
LVL 69

Expert Comment

by:Callandor
ID: 37729026
If you need to protect external drives connected to laptops, there is this device: http://www.addonics.com/products/cchesexc34.php
0
 

Author Comment

by:Goraps
ID: 37730432
McKnife:  Looks like a great solution.  Is the web based admin page a Symantec hosted site or internal to customer?  If a laptop is lost or stolen can a message be sent to laptop like you can do with a Iphone?  Can I send a remote wipe of the entire system from web based admin page?
0
 
LVL 16

Expert Comment

by:cantoris
ID: 37731396
We've used both BeCrypt and SafeBoot for full disk encryption.  We've had the latter make the occasional piece of kit unbootable altogether but BeCrypt instead has then been OK on the same kit.  This may be a reflection of the versions of the encryption software we were using at the time rather than a reflection on the software quality.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 37732402
-The web based admin page is internal. You have to setup a server called "pgp universal server" (linux based, but auto setup).
-no, messages can't be sent. The laptops can be setup to contact the server via internet from time to time (mandatory) - if the laptop is reported as stolen at the server site, the laptop will destroy all data.
0
 
LVL 10

Expert Comment

by:pand0ra_usa
ID: 37803989
To keep someone from stealing my laptop I typically prefer a 12 gauge. I have used Bitlocker, Pointsec, PGP Disk and Compusec. The big thing to look for is scalability and management. I like Pointsec from all aspects.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Slow Windows 7 PC 9 53
W700 charge 17 22
Windows 10 ISO build version 3 33
Windows 10 updates being installed on Windows 7?? 20 37
If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question