My company has a factory in China. Data theft is rampant and I'm trying to control it as best as I can. I'd like to encrypt all of the hard drives, but Chinese computers do not come with TPM chips. (same model in the USA does, but in China it's missing - We use Dells).
Right now, there's nothing stopping someone from opening up their computer and borrowing the hard drive and copying all the information off.
Using Veracrypt or Bitlocker is great, but then I need to give the users the password whenever they reboot their computer, which defeats the purpose. A unlocker USB is nice too, but they can just borrow that at the same time.
The only thing I can think of is to import US made motherboards for all our computers which have TPM chips. Not exactly a fun proposition.
Can anyone suggest anything?