Encrypting hard drive

Hi,
 I have a customer who is keep client's confidential information/documents on his laptop and he is worried about the possibility of getting his laptop stolen and someone takes the hard drive out of this laptop and connect to another PC and access information/documents.
 So he like to find the way to protect the data on the hard drive.
 
 I am not familiar with data security other than assigning a password for each WORD/EXCEL file, but that would be too much work and would create a lot of inconvenience.
 
  Is there a simpler solution to this?

Thanks.
LVL 1
sgleeAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dan CraciunIT ConsultantCommented:
Not simpler, but definitely safer. Protected office files can be opened.

Use Truecrypt: http://www.truecrypt.org/

You can encrypt the whole harddrive and in case the laptop gets stolen the thief will not be able to recover any information from it.

HTH,
Dan
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Emmanuel AdebayoGlobal Windows Infrastructure Engineer - ConsultantCommented:
Which OS is your client using? If it is Windows 7, you can use Bitlocker

There are various Encryption software there

DiskCryptor (GPL) - http://diskcryptor.net/wiki/Main_Page/en
Truecrypt -http://www.truecrypt.org/

Regards
0
sgleeAuthor Commented:
My client is using Windows 7.

Thanks for the suggestions. Sounds like TrueCrypt is good thing to use. How does it work? Does it cost money? Do you install some type of program and that is it?
0
Webinar: Miercom Evaluates Wi-Fi Security

It's not just about Wi-Fi connectivity anymore. A wireless security breach can cost your business large amounts of time, trouble, and expense. Plus, hear first-hand from Miercom how WatchGuard's Wi-Fi security stacks up against the competition in our upcoming webinar!

Rich RumbleSecurity SamuraiCommented:
First, Security is a process, not a program. Inconvenience is a common trade off for security.
Don't just throw encryption at a problem :) Some time's it's not the right solution, other times it's perfect. You should probably use a two step approach, and note that if using M$ office's password to open is TOO HARD then everything else is going to be too.
I'd actually recommend M$ Office password if your client is using office 2007 or above, I cannot recommend the encryption on prior office suites.
Please read my article on choosing the encryption that is right for you for more detail:
http://www.experts-exchange.com/Security/Encryption/A_12134-Choosing-the-right-encryption-for-your-needs.html

You're client should keep data in a secure container, like a zip file or truecrypt container (drive), and then if possible further password protect the documents inside the container.
Full disk encryption does protect the data when it's physically stolen and the computer is powered off (99% of the time, there are caveats). So a two step approach should put further assurance that everything that can be done to protect the data is being done.
-rich
0
Dan CraciunIT ConsultantCommented:
Truecrypt is free.

Read here: http://www.truecrypt.org/docs/tutorial#Y0 the tutorial. If you can follow it, then you'll have no problem using it.

HTH,
Dan
0
McKnifeCommented:
> Do you install some type of program and that is it?
Not at all. Be aware that this would solve your problem but create another: the risk of total data loss due to problems with the encrypted data. Don't worry, if you handle it right and exercise the recovery AND MOST IMPORTANT create regular, non-encrypted backups on external media (what you should do no matter if encryption is used or not), you will be just fine. You have been warned ;)
0
EirmanChief Operations ManagerCommented:
If your customer is concerned about confidential data, the best way to do it is to create an encrypted container with Bestcrypt.

Suppose the laptop HD is 120 gigs and there is 80 gigs free, create a 50 gig container file (using a long passphrase). Set the properties of this file so it will automatically open when the laptop is started. Open the container file and a new drive (probably E:) will appear. Copy all the sensitive data to E:

Next backup your container file (twice is recommended). When you are sure that you can open and close your encrypted container and access the encrypted data, delete all the unencrypted data on the laptop.

Next use bestcrypt to securely wipe all free space including the recycle bin, on the drive. Your laptop data data is now secure and backed up.
=================================================================
You can of course encrypt the entire hard disk (called volume encryption) including the operating system, but backing data up is not as handy using this method.
With container encryption you only have to backup ONE file.

Bestcrypt (www.jetico.com) is easier than truecrypt to use, but it isn't free.

http://www.experts-exchange.com/blogs/Eirman/B_8046-Why-I-always-use-and-recommend-Bestcrypt-above-TrueCrypt.html
0
Rich RumbleSecurity SamuraiCommented:
It's supposed to be easier to detect a backdoor with Open Source as opposed to (BestCrypt/BitLocker/PGP etc..) closed source. Truth is most people can't read code, and when they can they then have to be a cryptographer on top of that.
There is no "best" if you ask me, there is what works for you, and offers a reasonably secure environment. Make sure the data that is being stored is well protected, not just using an encrypted drive, that's often not enough (please check out CrackMeIfYouCan Defcon contests)
If you only need to do some encryption on one PC, then why pay for an enterprise solution? I can guarantee you that no one can guarantee you one is better than the other, especially with what's coming to light these days. But there are free and even built-in solutions you can use, but the built-in solutions might get more complicated than the 3rd parties if you want the built-in stuff to work as well as the others.
http://www.experts-exchange.com/Security/Encryption/A_12132-Microsoft-EFS-Recovery.html
-rich
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Encryption

From novice to tech pro — start learning today.