by May 2, 2011 0 comments

TThe importance of hard disk encryption can be best appreciated by putting yourself in different hypothetical situations.

Case 1: You went to an event with your laptop and left it on a seat while you went to grab yourself a tea. When you came back, your laptop was missing. Imagine yourself at that point of time. What would you be more worried about?–The laptop or the data stored in it? Chances are, you’ll be worried about the data.

Applies To: IT Heads, Security Specialists.
USP: Understand why HDD encryption is important and how to do it.
Related Articles: Get Armed Against Forensic Infringement:
Search Engine Keywords: HDD Encryption

Case 2: You closed your office for a long weekend, and when you came back, you discovered that there’s been a break-in, and the thieves stole all the PC components–hard drives, RAM, external components, etc. Here again, you would certainly be worried about loosing the hardware, but you’ll be equally worried about having lost the data stored in the hard drives.

Case 3: A disgruntled employee left the organization, and with him, took a lot of sensitive data that could cause your company a lot of damage if it reached competition.

We hope you’ve got the picture by now. In most cases, you’ll be more worried about data theft than anything else. At any of those instances, you’ll be giving a sigh of relief, if you knew that all the data in those hard drives was encrypted. You could either encrypt the full hard drive or just certain files, or disk volumes. In full HDD encryption, as the name suggests, the entire hard drive is encrypted, so only the person who has the key or password can access it. The only way for somebody to access data from a fully encrypted hard drive is when the system is on, or you’re transferring data via email or external hard drive. In full HDD encryption, all data is encrypted. The only thing that’s left un-encrypted is the MBR (Master Boot Record), which can also be encrypted through hardware. Another type of hard disk encryption is file or folder encryption. Here you can encrypt different hard disk volumes, files and folders. Even while transferring files or folder, the data being transferred is encrypted.

Hardware-based encryption

Encryption is also done through hardware. For that TPM (Trusted Platform Module) chip is used. This chip is embedded on the motherboard and can be enabled or disabled through BIOS. In Windows Vista and 7, if you are using Bit Locker, you need to have the TPM chip enabled. Since this chip is unique for every hardware, it helps in checking the authenticity of the hardware. If you plug-in your hard disk to other machines, it will not be authenticated or decrypted. To authenticate you will require a unique key or password. Though there is still security concern in hard disk encryption like key loggers. They can track your password and send them to anonymous person via email. Hardware key loggers can even record your BIOS password, if you have one for BIOS. Here we tried and tested one of the encryption software: SafeBit. It works on AES256, which is said to be hard to decrypt. SafeBit is easy to install and use. It creates a virtual partition which is actually called a safe. This safe is password protected and you can also change the size of this safe. We tested a trial version which is a 15 day trial. You can download the full version from here: it will cost you $39.95. Another hard disk encryption software that you can try is TrueCrypt, which is an open source encrypting software and is free of cost.

Click on the image to enlarge

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.