The best way to prevent operating system cloning (and any other form of data theft) is through the use of encryption.
You didn't specify what type of device you're referring to, so you'll have to consult the manufacturer for specifics on how to implement it. Generally speaking, you'll need to purchase an encryption package and, depending upon the size of your implementation, may also wish to consider using a key escrow service to ensure key recovery in the event of a device failure.
For this particular scenario, you'll need to think about the best way to handle the data encryption keys. If you're worried about the physical security of the device, you won't want to store the key on the device, as it would be stolen at the same time. One successful technique I've seen involves storing encryption keys for hardware devices (especially secure telephones) on a removable device that the user keeps on his or her person. When the user wishes to activate the hardware device, he or she inserts the removable device, providing the encryption key.
For more information:
Dig deeper on Disk Encryption and File Encryption
Related Q&A from Mike Chapple, Enterprise Compliance
Should companies obtain U.S. security clearance to join the Enhanced Cybersecurity Services program? Mike Chapple offers his perspective.continue reading
Does a Web application security assessment termed 'compliance ready' seem too good to be true? Learn its role in an enterprise compliance program.continue reading
Learn how hiring the right PCI DSS-compliant service providers, especially payment services providers, can reduce your compliance burden.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.