Hard Drive Encryption

Posted on 2015-01-14
Medium Priority
Last Modified: 2015-02-24
We have a client that is getting a new mobile workstation. He has a concern about the safety of his data when he is out of the office.

What is the best practice for data encryption? Bitlocker? Symantec?

The machine has not yet been purchased, but they have been using Win7 Pro in the office. I understand that Win 8 Pro has bitlocker. Would this be the easiest route?
Question by:BlackJack11
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 56

Expert Comment

ID: 40550099

Surely, bitlocker is an easy route and you will save money unless you go with the freewares of whom I will name disk cryptor, veracrypt and truecrypt. Unlike Bitlocker, those freewares don't allow transparent encryption, which means utilizing the tpm security chip that most laptop feature nowadays. Transparent encryption does not require an extra password.
Another possible and truely easy route is to purchase a self encrypting drive ("SED") with your laptop (consider an SSD upgrade in any case), like the samsung EVO series. That would mean, no software is used at all.

So there are plenty of options and all are pretty easy, all are worth looking at if you have the time. If you don't, the easiest in software is win8.1 pro and bitlocker with TPM for sure. The overall easiest is the SED, unless you are keen to get the "password-free option".

there is more to say, but I will wait for feedback, first.
LVL 38

Expert Comment

by:Rich Rumble
ID: 40555064
http://www.experts-exchange.com/Security/Encryption/A_12134-Choosing-the-right-encryption-for-your-needs.html Says it all :) The user should understand that disk encryption only protects from physical theft of the device when it's powered off, read the article for full details.

Author Comment

ID: 40572786
Thank you for the feedback. They would like to go with the software route for encryption. They've mentioned interest in Symantec's Encryption Product; any feedback on that piece? We are trying to push the 8.1 Bitlocker route for costs reasons and availability.

A question we were asked is will the encryption have any performance impacts. The clients are engineers and have higher-end workstations to render their CAD drawings. Does BitLocker or Symantec have any performance affect on the machine?

Thanks for the article, reading it now.
LVL 56

Accepted Solution

McKnife earned 2000 total points
ID: 40572852
You are having a client who proposes symantec? I thought it was your job to propose something :)

We used symantec's encryption until we switched to bitlocker. See my list of features here: http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/Windows_7/Q_27634304.html#a37727179 ->Symantec's had only one single advantage compared to bitlocker : single sign on. Apart from that, BL is the same at no additional cost. Symantec's product costs annual maintenance fee's (for updates), don't forget that.

The best performance would be to use hardware encryption, be it with or without bitlocker (BL does support HW encryption since win8.1). I would have to look at the specs of Symantec's current version to see if they do, too.

We have engineers with autodesk inventor (a huge CAD suite), here, they are happy with the disk performance of BL.

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question