Solved

Alternatives to Bitlocker for data encryption

Posted on 2013-12-23
4
2,061 Views
Last Modified: 2013-12-27
A laptop without a TPM chip needs to be secure: it's to be used by a doctor to store patient details, so if the laptop gets lost or stolen it needs to be unreadable.

Other than Bitlocker, what are the options for security without being a pain in the neck for day-to-day use?

It is a standalone Windows 8.1 laptop, to which we are about to upgrade to Windows 8.1 Pro to get the use of Bitlocker - but would like to check alternatives before committing.
0
Comment
Question by:RedLondon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 35

Assisted Solution

by:Joseph Daly
Joseph Daly earned 100 total points
ID: 39736872
You could take a look at symantec PGP desktop edition.
http://www.symantec.com/encryption-desktop-pro

We use the corporate edition for about 1000 laptops and its rollout was pretty simple. I havent worked with the standalone desktop version but its probably very similar.

Another free option you may want to look at would encrypting the drive with truecrypt.
http://www.truecrypt.org/
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 100 total points
ID: 39737140
There are lots more:
https://en.wikipedia.org/wiki/Comparison_of_disk_encryption_software

Do you have a copy of same data somewhere else?
What if TPM fails? Or you need to replace the disk etc?
0
 
LVL 51

Assisted Solution

by:Netman66
Netman66 earned 100 total points
ID: 39737296
My wife's corporate laptop has McAfee Endpoint Encryption on it and it appears to be a good piece of software.  Safeboot requires authentication at boot time and is whole hard drive encrypted.

http://www.mcafee.com/ca/resources/data-sheets/ds-endpoint-encryption.pdf

Not sure what it costs, but what's the data worth?
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 200 total points
ID: 39741817
Remember the protection from full disk encryption only for the scenerio the author outlined above, if the LT is stolen, and it's powered off. If the Laptop is stolen when powered on, it is possible to be able to get the decryption key from memory even if it's locked by using a firewire port or possibly inserting a PCMCIA ->Firewire adapter.
http://www.experts-exchange.com/Security/Encryption/A_12134-Choosing-the-right-encryption-for-your-needs.html

I would recommend TrueCrypt, TPM doesn't actually do much to add security other than ensure that you can't plug the HDD into another computer and try to boot it with the correct password. It's an inconvenience for a unlikely scenario.
http://blog.crackpassword.com/2012/12/elcomsoft-decrypts-bitlocker-pgp-and-truecrypt-containers/ $300
http://www.lostpassword.com/hdd-decryption.htm $1000

Full disk encryption is still good to do, I just have to point out that it's not 100% if it's powered on when stolen.
-rich
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question