Encrypting hard drive

 I have a customer who is keep client's confidential information/documents on his laptop and he is worried about the possibility of getting his laptop stolen and someone takes the hard drive out of this laptop and connect to another PC and access information/documents.
 So he like to find the way to protect the data on the hard drive.
 I am not familiar with data security other than assigning a password for each WORD/EXCEL file, but that would be too much work and would create a lot of inconvenience.
  Is there a simpler solution to this?

Who is Participating?
Dan CraciunConnect With a Mentor IT ConsultantCommented:
Not simpler, but definitely safer. Protected office files can be opened.

Use Truecrypt: http://www.truecrypt.org/

You can encrypt the whole harddrive and in case the laptop gets stolen the thief will not be able to recover any information from it.

Emmanuel AdebayoConnect With a Mentor Global Windows Infrastructure Engineer - ConsultantCommented:
Which OS is your client using? If it is Windows 7, you can use Bitlocker

There are various Encryption software there

DiskCryptor (GPL) - http://diskcryptor.net/wiki/Main_Page/en
Truecrypt -http://www.truecrypt.org/

sgleeAuthor Commented:
My client is using Windows 7.

Thanks for the suggestions. Sounds like TrueCrypt is good thing to use. How does it work? Does it cost money? Do you install some type of program and that is it?
Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

Rich RumbleConnect With a Mentor Security SamuraiCommented:
First, Security is a process, not a program. Inconvenience is a common trade off for security.
Don't just throw encryption at a problem :) Some time's it's not the right solution, other times it's perfect. You should probably use a two step approach, and note that if using M$ office's password to open is TOO HARD then everything else is going to be too.
I'd actually recommend M$ Office password if your client is using office 2007 or above, I cannot recommend the encryption on prior office suites.
Please read my article on choosing the encryption that is right for you for more detail:

You're client should keep data in a secure container, like a zip file or truecrypt container (drive), and then if possible further password protect the documents inside the container.
Full disk encryption does protect the data when it's physically stolen and the computer is powered off (99% of the time, there are caveats). So a two step approach should put further assurance that everything that can be done to protect the data is being done.
Dan CraciunConnect With a Mentor IT ConsultantCommented:
Truecrypt is free.

Read here: http://www.truecrypt.org/docs/tutorial#Y0 the tutorial. If you can follow it, then you'll have no problem using it.

McKnifeConnect With a Mentor Commented:
> Do you install some type of program and that is it?
Not at all. Be aware that this would solve your problem but create another: the risk of total data loss due to problems with the encrypted data. Don't worry, if you handle it right and exercise the recovery AND MOST IMPORTANT create regular, non-encrypted backups on external media (what you should do no matter if encryption is used or not), you will be just fine. You have been warned ;)
EirmanConnect With a Mentor Chief Operations ManagerCommented:
If your customer is concerned about confidential data, the best way to do it is to create an encrypted container with Bestcrypt.

Suppose the laptop HD is 120 gigs and there is 80 gigs free, create a 50 gig container file (using a long passphrase). Set the properties of this file so it will automatically open when the laptop is started. Open the container file and a new drive (probably E:) will appear. Copy all the sensitive data to E:

Next backup your container file (twice is recommended). When you are sure that you can open and close your encrypted container and access the encrypted data, delete all the unencrypted data on the laptop.

Next use bestcrypt to securely wipe all free space including the recycle bin, on the drive. Your laptop data data is now secure and backed up.
You can of course encrypt the entire hard disk (called volume encryption) including the operating system, but backing data up is not as handy using this method.
With container encryption you only have to backup ONE file.

Bestcrypt (www.jetico.com) is easier than truecrypt to use, but it isn't free.

Rich RumbleConnect With a Mentor Security SamuraiCommented:
It's supposed to be easier to detect a backdoor with Open Source as opposed to (BestCrypt/BitLocker/PGP etc..) closed source. Truth is most people can't read code, and when they can they then have to be a cryptographer on top of that.
There is no "best" if you ask me, there is what works for you, and offers a reasonably secure environment. Make sure the data that is being stored is well protected, not just using an encrypted drive, that's often not enough (please check out CrackMeIfYouCan Defcon contests)
If you only need to do some encryption on one PC, then why pay for an enterprise solution? I can guarantee you that no one can guarantee you one is better than the other, especially with what's coming to light these days. But there are free and even built-in solutions you can use, but the built-in solutions might get more complicated than the 3rd parties if you want the built-in stuff to work as well as the others.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.