Solved

Hard Drive Encryption

Posted on 2015-01-14
4
100 Views
Last Modified: 2015-02-24
We have a client that is getting a new mobile workstation. He has a concern about the safety of his data when he is out of the office.

What is the best practice for data encryption? Bitlocker? Symantec?

The machine has not yet been purchased, but they have been using Win7 Pro in the office. I understand that Win 8 Pro has bitlocker. Would this be the easiest route?
0
Comment
Question by:BlackJack11
  • 2
4 Comments
 
LVL 53

Expert Comment

by:McKnife
ID: 40550099
Hi.

Surely, bitlocker is an easy route and you will save money unless you go with the freewares of whom I will name disk cryptor, veracrypt and truecrypt. Unlike Bitlocker, those freewares don't allow transparent encryption, which means utilizing the tpm security chip that most laptop feature nowadays. Transparent encryption does not require an extra password.
Another possible and truely easy route is to purchase a self encrypting drive ("SED") with your laptop (consider an SSD upgrade in any case), like the samsung EVO series. That would mean, no software is used at all.

So there are plenty of options and all are pretty easy, all are worth looking at if you have the time. If you don't, the easiest in software is win8.1 pro and bitlocker with TPM for sure. The overall easiest is the SED, unless you are keen to get the "password-free option".

there is more to say, but I will wait for feedback, first.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 40555064
http://www.experts-exchange.com/Security/Encryption/A_12134-Choosing-the-right-encryption-for-your-needs.html Says it all :) The user should understand that disk encryption only protects from physical theft of the device when it's powered off, read the article for full details.
-rich
0
 

Author Comment

by:BlackJack11
ID: 40572786
Thank you for the feedback. They would like to go with the software route for encryption. They've mentioned interest in Symantec's Encryption Product; any feedback on that piece? We are trying to push the 8.1 Bitlocker route for costs reasons and availability.

A question we were asked is will the encryption have any performance impacts. The clients are engineers and have higher-end workstations to render their CAD drawings. Does BitLocker or Symantec have any performance affect on the machine?

Thanks for the article, reading it now.
0
 
LVL 53

Accepted Solution

by:
McKnife earned 500 total points
ID: 40572852
You are having a client who proposes symantec? I thought it was your job to propose something :)

We used symantec's encryption until we switched to bitlocker. See my list of features here: http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/Windows_7/Q_27634304.html#a37727179 ->Symantec's had only one single advantage compared to bitlocker : single sign on. Apart from that, BL is the same at no additional cost. Symantec's product costs annual maintenance fee's (for updates), don't forget that.

The best performance would be to use hardware encryption, be it with or without bitlocker (BL does support HW encryption since win8.1). I would have to look at the specs of Symantec's current version to see if they do, too.

We have engineers with autodesk inventor (a huge CAD suite), here, they are happy with the disk performance of BL.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now