The best way to prevent operating system cloning (and any other form of data theft) is through the use of encryption....
You didn't specify what type of device you're referring to, so you'll have to consult the manufacturer for specifics on how to implement it. Generally speaking, you'll need to purchase an encryption package and, depending upon the size of your implementation, may also wish to consider using a key escrow service to ensure key recovery in the event of a device failure.
For this particular scenario, you'll need to think about the best way to handle the data encryption keys. If you're worried about the physical security of the device, you won't want to store the key on the device, as it would be stolen at the same time. One successful technique I've seen involves storing encryption keys for hardware devices (especially secure telephones) on a removable device that the user keeps on his or her person. When the user wishes to activate the hardware device, he or she inserts the removable device, providing the encryption key.
For more information:
Dig Deeper on Disk and file encryption tools
Related Q&A from Mike Chapple
Choosing to encrypt confidential data with AES or DES encryption is an important cybersecurity matter. Learn about the important differences between ... Continue Reading
It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ... Continue Reading
The HHS OCR ruled that healthcare ransomware attacks are HIPAA violations, so these covered entities need to react according to the HHS's guidance. ... Continue Reading