Solved

Alternatives to Bitlocker for data encryption

Posted on 2013-12-23
4
2,047 Views
Last Modified: 2013-12-27
A laptop without a TPM chip needs to be secure: it's to be used by a doctor to store patient details, so if the laptop gets lost or stolen it needs to be unreadable.

Other than Bitlocker, what are the options for security without being a pain in the neck for day-to-day use?

It is a standalone Windows 8.1 laptop, to which we are about to upgrade to Windows 8.1 Pro to get the use of Bitlocker - but would like to check alternatives before committing.
0
Comment
Question by:RedLondon
4 Comments
 
LVL 35

Assisted Solution

by:Joseph Daly
Joseph Daly earned 100 total points
ID: 39736872
You could take a look at symantec PGP desktop edition.
http://www.symantec.com/encryption-desktop-pro

We use the corporate edition for about 1000 laptops and its rollout was pretty simple. I havent worked with the standalone desktop version but its probably very similar.

Another free option you may want to look at would encrypting the drive with truecrypt.
http://www.truecrypt.org/
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 100 total points
ID: 39737140
There are lots more:
https://en.wikipedia.org/wiki/Comparison_of_disk_encryption_software

Do you have a copy of same data somewhere else?
What if TPM fails? Or you need to replace the disk etc?
0
 
LVL 51

Assisted Solution

by:Netman66
Netman66 earned 100 total points
ID: 39737296
My wife's corporate laptop has McAfee Endpoint Encryption on it and it appears to be a good piece of software.  Safeboot requires authentication at boot time and is whole hard drive encrypted.

http://www.mcafee.com/ca/resources/data-sheets/ds-endpoint-encryption.pdf

Not sure what it costs, but what's the data worth?
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 200 total points
ID: 39741817
Remember the protection from full disk encryption only for the scenerio the author outlined above, if the LT is stolen, and it's powered off. If the Laptop is stolen when powered on, it is possible to be able to get the decryption key from memory even if it's locked by using a firewire port or possibly inserting a PCMCIA ->Firewire adapter.
http://www.experts-exchange.com/Security/Encryption/A_12134-Choosing-the-right-encryption-for-your-needs.html

I would recommend TrueCrypt, TPM doesn't actually do much to add security other than ensure that you can't plug the HDD into another computer and try to boot it with the correct password. It's an inconvenience for a unlikely scenario.
http://blog.crackpassword.com/2012/12/elcomsoft-decrypts-bitlocker-pgp-and-truecrypt-containers/ $300
http://www.lostpassword.com/hdd-decryption.htm $1000

Full disk encryption is still good to do, I just have to point out that it's not 100% if it's powered on when stolen.
-rich
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question