Solved

Data secure on Window 7 /8

Posted on 2013-12-03
5
386 Views
Last Modified: 2013-12-10
Need several alternative to protect Window 7 / 8 data

1. For bitlock encrytion on Window 7 / 8,  can it support Professional or each Window need to be in Enterprise version.

2. Any other solution that even work on normal Window to protect data encryption ? Is there any product that can even support remote wiping the data ?

Tks
0
Comment
Question by:AXISHK
  • 2
  • 2
5 Comments
 
LVL 27

Assisted Solution

by:Jason Watkins
Jason Watkins earned 200 total points
ID: 39692807
Bitlocker is available only for Enterprise and Ultimate editions of Windows 7. I am not sure about Windows 8, but would guess the Pro and Enterprise versions there support Bitlocker. Symantec's PGP Desktop supports Full Disk Encryption. That what we use where I work.
0
 
LVL 15

Expert Comment

by:Giovanni Heward
ID: 39692943
Bitlocker supports encrypted volumes protected with either 128-bit or 256-bit AES and optionally diffused using an algorithm called Elephant.

BitLocker is only available in the Ultimate and Enterprise editions of Microsoft's Windows Vista and Windows 7, and with the Pro and Enterprise editions of Windows 8, as well as Windows Server 2008, Windows Server 2008 R2 and Windows Server 2012.

TrueCrypt permits cascading of strong 256-bit encryption ciphers, such as AES-Twofish-Serpent (recommended)

truecrypt algorithms
Meaning the Serpent layer is encrypted with a Twofish layer, which is encrypted with an AES layer.

At the end of the day these are all symmetric (private key) ciphers, meaning the protection provided is dependent upon not only how strong your private key (password) is but also how well protected that key remains.

Consider a password with sufficient haystack search depth to thwart brute force attempts.

One idea to consider is selecting a file or phrase for use as the password, and then creating a SHA256 hash against it.  You would then use the SHA256 hash as your password.

For greater security, you want to implement 2-factor authentication (something you know , something you have, or something you are)

For example, using TrueCrypt in conjunction with a password (something you know) and YubiKey (something you have).  TrueCrypt supports other options, such as tokens and smart cards.

PGP Disk Encryption is another excellent product and can provide for more centralized control.
0
 

Author Comment

by:AXISHK
ID: 39695587
can the product something remote data wipe or erase all data if too many password attempt ?

Tks
0
 
LVL 15

Accepted Solution

by:
Giovanni Heward earned 300 total points
ID: 39695979
A truecrypt encrypted volume is a stand-alone file and thus cannot destroy itself when brute forced tactics are being deployed.  However, if you incorporate a device dedicated to this purpose, such as an IronKey, you can achieve both.  (e.g. use IronKey to host your Truecrypt volume (this is what I use personally.)

The device will permanently self-destruct after 10 consecutive incorrect password attempts, and a ruggedized, waterproof metal chassis resists physical break-ins and is tamper evident.

HARDWARE ENCRYPTION
Data: 256-bit AES Cipher-Block Chained mode
PKI: 2048-bit RSA
Hashing: 256-bit SHA
FIPS Validations: 140-2 Level 3
0
 

Author Closing Comment

by:AXISHK
ID: 39710631
Tks
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No matter the version of Windows you are using, you may have some problems with Windows Search running too slow or possibly not running at all. Before jumping into how you can solve this issue, just know there are many other viable alternative deskt…
A quick guide on how to use Group Policy to create a custom power plan and set it active on Windows 7.
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question