If your company is contemplating a migration to the new Windows Vista operating system, you might want to consider...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
the Business, Ultimate or Enterprise editions. Each includes a new hard drive feature called BitLocker Drive Encryption. By default, the technology requires a Trusted Platform Module (TPM) chip usually found only in higher-end systems. However, you can set group policy so that a USB storage device can store the encryption keys. This setting prevents the computer from booting up until the USB device is plugged in. Great two-factor authentication!
WinMagic's disk encryption software, SecureDoc, offers another way to add pre-boot authentication. If you are having problems with the time it takes to decrypt data, I would consider creating a volume that automatically encrypts all files stored on it; then I would move the My Documents folder to reside there. As long as software programs are not stored on this encrypted drive, there should only be a negligible impact on performance.
If you wish to use encryption abroad, you will have to ensure that the product you choose can be used in the countries that your staff may need to visit. The Bureau of Industry and Security assigns a license exception to most commercial encryption products, allowing them to be exported to only specified destinations. PGP, for example, falls within three types of license exception: mass market, ENC restricted and ENC unrestricted. None of these categories, however, allow encryption products to be exported to the following embargoed countries: Cuba, Iran, Iraq, Libya, North Korea, Sudan, and Syria.
Other steps you can take to protect on-the-road laptops include locking down the operating system and providing users with a physical lock. Better still, insist that users remove hard drives and lock them in a safe whenever they leave their laptops unattended. Some organizations now provide spare drives that have to be installed when working in a hostile environment; anywhere outside the confines of the office. These drives only contain company data that is classified as public. Any other data has to be stored on encrypted USB keys carried separately from the laptop. Proximity alarms can also be attached to a laptop, which will go off if the computer gets too far away from its owner. Finally, I would ensure that all of the laptop-using staff receive security awareness training. The training should be aimed at the particular threats that laptop users face, such as unsecured public Wi-Fi and opportunist thieves.
Dig Deeper on Disk Encryption and File Encryption
Related Q&A from Michael Cobb
C&C servers have been replaced with Twitter accounts, which spread the Android Trojan Twitoor to user devices. Expert Michael Cobb explains how to ...continue reading
Two-factor authentication systems require more than using codes sent through SMS and smart cards. Expert Michael Cobb explains how to properly and ...continue reading
A Linux vulnerability that affects 80% of Android devices allows for attacks on TCP communications and remote code execution. Expert Michael Cobb ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.