The best way to prevent operating system cloning (and any other form of data theft) is through the use of encryption. You didn't specify what type of device you're referring to, so you'll have to consult the manufacturer for specifics on how to implement it. Generally speaking, you'll need to purchase an encryption package and, depending upon the size of your implementation, may also wish to consider using a key escrow service to ensure key recovery in the event of a device failure.
For this particular scenario, you'll need to think about the best way to handle the data encryption keys. If you're worried about the physical security of the device, you won't want to store the key on the device, as it would be stolen at the same time. One successful technique I've seen involves storing encryption keys for hardware devices (especially secure telephones) on a removable device that the user keeps on his or her person. When the user wishes to activate the hardware device, he or she inserts the removable device, providing the encryption key.
For more information:
This was first published in July 2009