Solved

Hard Drive Encryption

Posted on 2015-01-14
4
104 Views
Last Modified: 2015-02-24
We have a client that is getting a new mobile workstation. He has a concern about the safety of his data when he is out of the office.

What is the best practice for data encryption? Bitlocker? Symantec?

The machine has not yet been purchased, but they have been using Win7 Pro in the office. I understand that Win 8 Pro has bitlocker. Would this be the easiest route?
0
Comment
Question by:BlackJack11
  • 2
4 Comments
 
LVL 54

Expert Comment

by:McKnife
ID: 40550099
Hi.

Surely, bitlocker is an easy route and you will save money unless you go with the freewares of whom I will name disk cryptor, veracrypt and truecrypt. Unlike Bitlocker, those freewares don't allow transparent encryption, which means utilizing the tpm security chip that most laptop feature nowadays. Transparent encryption does not require an extra password.
Another possible and truely easy route is to purchase a self encrypting drive ("SED") with your laptop (consider an SSD upgrade in any case), like the samsung EVO series. That would mean, no software is used at all.

So there are plenty of options and all are pretty easy, all are worth looking at if you have the time. If you don't, the easiest in software is win8.1 pro and bitlocker with TPM for sure. The overall easiest is the SED, unless you are keen to get the "password-free option".

there is more to say, but I will wait for feedback, first.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 40555064
http://www.experts-exchange.com/Security/Encryption/A_12134-Choosing-the-right-encryption-for-your-needs.html Says it all :) The user should understand that disk encryption only protects from physical theft of the device when it's powered off, read the article for full details.
-rich
0
 

Author Comment

by:BlackJack11
ID: 40572786
Thank you for the feedback. They would like to go with the software route for encryption. They've mentioned interest in Symantec's Encryption Product; any feedback on that piece? We are trying to push the 8.1 Bitlocker route for costs reasons and availability.

A question we were asked is will the encryption have any performance impacts. The clients are engineers and have higher-end workstations to render their CAD drawings. Does BitLocker or Symantec have any performance affect on the machine?

Thanks for the article, reading it now.
0
 
LVL 54

Accepted Solution

by:
McKnife earned 500 total points
ID: 40572852
You are having a client who proposes symantec? I thought it was your job to propose something :)

We used symantec's encryption until we switched to bitlocker. See my list of features here: http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/Windows_7/Q_27634304.html#a37727179 ->Symantec's had only one single advantage compared to bitlocker : single sign on. Apart from that, BL is the same at no additional cost. Symantec's product costs annual maintenance fee's (for updates), don't forget that.

The best performance would be to use hardware encryption, be it with or without bitlocker (BL does support HW encryption since win8.1). I would have to look at the specs of Symantec's current version to see if they do, too.

We have engineers with autodesk inventor (a huge CAD suite), here, they are happy with the disk performance of BL.
0

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question