Data security, encryption etc

OK,

My friend is going to start his own accountancy business, initially starting from home. One of his biggest concerns is client security.

I have bought him a wee removable hard drive, on which he makes a backup of his data, and sticks it in a fire/flood/bomb proof security box in his cellar.

However, what if his PC got nicked!!!! At the moment he has a BIOS password, Windows password and passwords for all his files.

Is there a way to totally encrypt a hard drive, so that before it even loads Windows, or after, you would need to enter a decryption key. If so, does anyone know the best way to do this???

Cheers.
 
How about putting the machine's drive, or a storage drive with all the secure content, into a hard drive caddy?

At the end of the night, shove it in the safe.

Go one better, and make weekly backups on a Friday. The backup drive will then only be on the premises on Fridays. :)
 
Is there a way to totally encrypt a hard drive, so that before it even loads Windows, or after, you would need to enter a decryption key.

http://www.pgp.com/products/wholediskencryption/index.html

What is the end-user experience?
The only change in the end-user experience with PGP Whole Disk Encryption is the addition of a pre-boot authentication screen. The pre-boot authentication screen protects the system from being accessed by unauthorized users by disabling their ability to attack operating system–level authentication mechanisms. Once the end user provides valid authentication, encryption and decryption of the disk are transparent to both the user and the operating system. The pre-boot authentication passphrase can be synchronized with the Windows logon, enabling Windows users to be automatically logged into their system without requiring additional passphrases or user actions.

Also available as a package.
 
If he's serious about securing his data then disk encryption is indeed the way to go... ignore any other suggestions. The company I work for is regulated by the FSA, and disk encryption is very strongly recommended.

TrueCrypt is a fantastic piece of kit, and I've recommended it in the past on countless occasions. However, it is an open source product so your friend should realise there's no support option apart from unofficial online forums, etc...

If technical support is going to be something he'd rather be able to rely upon in case of problems, then it might be worth him considering one of the many commercial offerings, such as BestCrypt by Jetico, Safeguard by Utimaco, PGPDisk by PGP Corp., etc...

Alternatively, he could consider using the BitLocker feature within Vista.

If tech support isn't a worry, then go with TrueCrypt cause it's such a good product.
 
A bank I worked for used Utimaco safeguard for their laptops.
It's very good because it offers full disk encryption, as opposed to some applications, including TrueCrypt, which only encrypt a volume.

Full disk encryption may be a bit of overkill for what the OP's friend is going to be doing, but I can completely understand why a bank would be looking at using Utimaco's products. They're not the cheapest but they are some of the best in the market.

I'd better not say what product we use as it's against company policy ;)
 
And not easily guessable. Make up a random password and then spend time remembering it.

I'd vote for TrueCrypt as well. I use a 30-character alphanumeric password made up of random numbers and letters, which I have completely memorized; however, if I forget, I have a very simple formula that I have memorized to work it out.
 
Go for PGP.

We use it at work for securing all our passwords for our systems. I find it good because, with the shared keys, you can decide who can and can't see information. This is better than having a single password which can be lost or more easily found out than using keys.
 
The problem with software like TrueCrypt is that the OS partition is unencrypted. When you work with encrypted files, the OS or an app may leave temporary copies lying around on the unencrypted partition(s).
 
I'd say more important than software security is physical security - get a hard drive case that is bolted and padlocked to his desk.

I highly doubt a robber would turn the PC on and start copying files across to a USB hard drive whilst the alarm is going off!
 
TrueCrypt is fantastic and secure if you use a long random password.

Also, if he uses Vista, get Business or Ultimate and use BitLocker encryption.
 
If he's serious about securing his data then disk encryption is indeed the way to go... ignore any other suggestions. The company I work for is regulated by the FSA, and disk encryption is very strongly recommended.

TrueCrypt is a fantastic piece of kit, and I've recommended it in the past on countless occasions. However, it is an open source product so your friend should realise there's no support option apart from unofficial online forums, etc...

If technical support is going to be something he'd rather be able to rely upon in case of problems, then it might be worth him considering one of the many commercial offerings, such as BestCrypt by Jetico, Safeguard by Utimaco, PGPDisk by PGP Corp., etc...

Alternatively, he could consider using the BitLocker feature within Vista.

If tech support isn't a worry, then go with TrueCrypt cause it's such a good product.


I didn't like TrueCrypt because it needs two drive letters for every volume, which is annoying if you've a good few disks connected etc. Which of these other tools doesn't need multiple drive letters? I'd pay for something if I thought it handier than TrueCrypt.
 