?
Solved

Data secure on Window 7 /8

Posted on 2013-12-03
5
Medium Priority
?
397 Views
Last Modified: 2013-12-10
Need several alternative to protect Window 7 / 8 data

1. For bitlock encrytion on Window 7 / 8,  can it support Professional or each Window need to be in Enterprise version.

2. Any other solution that even work on normal Window to protect data encryption ? Is there any product that can even support remote wiping the data ?

Tks
0
Comment
Question by:AXISHK
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 27

Assisted Solution

by:Jason Watkins
Jason Watkins earned 800 total points
ID: 39692807
Bitlocker is available only for Enterprise and Ultimate editions of Windows 7. I am not sure about Windows 8, but would guess the Pro and Enterprise versions there support Bitlocker. Symantec's PGP Desktop supports Full Disk Encryption. That what we use where I work.
0
 
LVL 15

Expert Comment

by:Giovanni Heward
ID: 39692943
Bitlocker supports encrypted volumes protected with either 128-bit or 256-bit AES and optionally diffused using an algorithm called Elephant.

BitLocker is only available in the Ultimate and Enterprise editions of Microsoft's Windows Vista and Windows 7, and with the Pro and Enterprise editions of Windows 8, as well as Windows Server 2008, Windows Server 2008 R2 and Windows Server 2012.

TrueCrypt permits cascading of strong 256-bit encryption ciphers, such as AES-Twofish-Serpent (recommended)

truecrypt algorithms
Meaning the Serpent layer is encrypted with a Twofish layer, which is encrypted with an AES layer.

At the end of the day these are all symmetric (private key) ciphers, meaning the protection provided is dependent upon not only how strong your private key (password) is but also how well protected that key remains.

Consider a password with sufficient haystack search depth to thwart brute force attempts.

One idea to consider is selecting a file or phrase for use as the password, and then creating a SHA256 hash against it.  You would then use the SHA256 hash as your password.

For greater security, you want to implement 2-factor authentication (something you know , something you have, or something you are)

For example, using TrueCrypt in conjunction with a password (something you know) and YubiKey (something you have).  TrueCrypt supports other options, such as tokens and smart cards.

PGP Disk Encryption is another excellent product and can provide for more centralized control.
0
 

Author Comment

by:AXISHK
ID: 39695587
can the product something remote data wipe or erase all data if too many password attempt ?

Tks
0
 
LVL 15

Accepted Solution

by:
Giovanni Heward earned 1200 total points
ID: 39695979
A truecrypt encrypted volume is a stand-alone file and thus cannot destroy itself when brute forced tactics are being deployed.  However, if you incorporate a device dedicated to this purpose, such as an IronKey, you can achieve both.  (e.g. use IronKey to host your Truecrypt volume (this is what I use personally.)

The device will permanently self-destruct after 10 consecutive incorrect password attempts, and a ruggedized, waterproof metal chassis resists physical break-ins and is tamper evident.

HARDWARE ENCRYPTION
Data: 256-bit AES Cipher-Block Chained mode
PKI: 2048-bit RSA
Hashing: 256-bit SHA
FIPS Validations: 140-2 Level 3
0
 

Author Closing Comment

by:AXISHK
ID: 39710631
Tks
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question