Laptop security and encryption
I would like to hear from people that have a system in place for laptop security / encryption for people who are travelling for work and my lose or get their laptops stolen. What type of security ( Remote Wipe, etc) and data encryption is best used on a Dell shop with a mix of XP and WINDOWS 7.
thanks
thanks
We called Dell too and they hooked us up with WinMagic which is working out pretty well. They had also suggested upgrading all machines with self-encrypted drives but we didn't feel that was going to fly at this time. http://www.winmagic.com/. We chose whole drive encryption over whole data encryption. We also wanted something to integrate with our AD, which is 'sorta' does, at least administratively. It works for both local and remote users just fine.
We are in the process of moving away from Win XP using Credant software to Win 7 using Windows BitLocker. Credant is horrible and slow. BitLocker is fully integrated in Win 7 and Windows Server 2008 AD. As I said, "in the process", so no experience with BitLocker yet.
Lee
Lee
I agree with getzie, but you could also try truecrypt.
Its FREE! open-source and is compatible with Windows 7/Vista/XP, Mac OS X, and Linux.
We use it and have never had any issues thus far.
Their link is: http://www.truecrypt.org/
Its FREE! open-source and is compatible with Windows 7/Vista/XP, Mac OS X, and Linux.
We use it and have never had any issues thus far.
Their link is: http://www.truecrypt.org/
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you need to protect external drives connected to laptops, there is this device: http://www.addonics.com/products/cchesexc34.php
ASKER
McKnife: Looks like a great solution. Is the web based admin page a Symantec hosted site or internal to customer? If a laptop is lost or stolen can a message be sent to laptop like you can do with a Iphone? Can I send a remote wipe of the entire system from web based admin page?
We've used both BeCrypt and SafeBoot for full disk encryption. We've had the latter make the occasional piece of kit unbootable altogether but BeCrypt instead has then been OK on the same kit. This may be a reflection of the versions of the encryption software we were using at the time rather than a reflection on the software quality.
-The web based admin page is internal. You have to setup a server called "pgp universal server" (linux based, but auto setup).
-no, messages can't be sent. The laptops can be setup to contact the server via internet from time to time (mandatory) - if the laptop is reported as stolen at the server site, the laptop will destroy all data.
-no, messages can't be sent. The laptops can be setup to contact the server via internet from time to time (mandatory) - if the laptop is reported as stolen at the server site, the laptop will destroy all data.
To keep someone from stealing my laptop I typically prefer a 12 gauge. I have used Bitlocker, Pointsec, PGP Disk and Compusec. The big thing to look for is scalability and management. I like Pointsec from all aspects.