![]() Click Next.Īt the Rescue Disk screen, click Next. TrueCrypt will use the readings from your mouse to generate a high-quality random number to be used during the encryption process. On the Collecting Random Data screen, wiggle your mouse in a haphazard fashion. Choosing a strong password is the most important part of full disk encryption. If you have a dual-boot setup, you cannot use TrueCrypt full disk encryption at this time.Īccept the defaults on the Encryption Options screen, then click Next.Ĭhoose a very strong password and enter it on the Password window. Select No to Encryption of Host Protected Area, then click Next. Select Encrypt the system partition or entire system drive, then click Next. Under the System menu, select Encrypt System Partition/Drive… Select Normal, then click Next. Launch TrueCrypt by clicking on the icon in your Start menu. Run the setup program ( TrueCrypt Setup N.NN.exe) and perform a default installation. TrueCrypt is perfect for stand-alone systems like those you have at home.įirst: Back up your computer! Before making any major change to your computer, it is always a good idea to create a backup of your important files.ĭownload the TrueCrypt installer from their website: Bucknell-managed systems use Microsoft’s Bitlocker encryption, which is designed for large, centrally managed networks. This procedure is for your personal, Windows-based computer only. Should your computer fall into the wrong hands, your data is safe and secure.Īre you ready to encrypt your computer? Let’s get started! ![]() As such, TrueCrypt will ask you for your password every time you reboot your computer - before Windows begins to load. It even encrypts the files that allow you to boot into Windows. A full disk encryption program, such as TrueCrypt, encrypts every byte of data present on the hard drive of your computer. There is a solution to this problem, and it doesn’t come in the form of a laptop lock (even though they do help). What would happen if your computer was lost or stolen, and the information on your system is made public? Are your accounts safe? What about your credit score? Were any of the work files confidential? Was your online banking password on there? Losing your computer can be a terrifying prospect. Most people come up with a similar list: Photos. So while BitLocker is more resilient to opportunistic EM attacks (it takes more to re-develop a spoofed user interaction screen for BitLocker than just copy the EM tool for trucrypt on a USB key), it's not 100% bulletproof (no solution is).Take a moment to think about the information that is present on your personal computer. There are ways of defeating BitLocker+TPM ( article, paper) but no public tools available AFAIK. Note than BitLocker will be more resilient than TrueCrypt only if used on a TPM-enabled computer. I suggest you read the articles of Joanna Rutkowska on both products :īut if you're sure that your coworkers will always take good care of their laptops - with safety case and all, you can go for TrueCrypt.Īdditionnal details about BitLocker and EM attacks : With Evil Maid (EM) attack tools now available for TrueCrypt, I'd go for BitLocker if I had the budget, because EM-like attacks are quite more complicated, and it integrates better with AD etc as Oskar Duveborn stated. That means an 80Gb encrypted partition creates an 80Gb image file :( The next problem I face is imaging (Acronis/Ghost/.) encrypted drives will not work unless I perform sector-by-sector imaging. Ideally I am also interested in 'real world' experience from people who are using drive encryption software and any pitfalls to look out for.ĭecided to go with TrueCrypt for the following reasons:ī) I am not managing a large quantity of laptops so integration with Active Directory, Management consoles etc is not a huge benefitĬ) Although eks did make a good point about Evil Maid (EM) attacks, our data is not that desirable to consider it a major factorĭ) The cost (free) is a big plus but not the primary motivator Can anyone offer suggestions on the best course of action:Ī) Use BitLocker, bite the bullet and pay to upgrade to Enterprise/Ultimateī) Pay for another 3rd party drive encryption product that is cheaper (suggestions appreciated)Ĭ) Use a free drive encryption product such as TrueCrypt Windows BitLocker seems the obvious choice, but it looks like I need to purchase either Windows 7 Enterprise or Ultimate editions to get it. Due to the nature of our business I will need drive encryption. I will soon be purchasing a number of laptops running Windows 7 for our mobile staff.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |