Dr. Pomade Posted November 2, 2013 Report Share Posted November 2, 2013 I've been looking into encryption software for my computers, etc., but I'm not sure what to get. I heard about Microsoft's BitLocker, and that sounds like it would have everything I would need. Problem is, I only have Microsoft Windows 7 Home, and BitLocker doesn't come as part of that package. I've tried doing a couple of searches to just find the BitLocker so I can buy it and install it, but apparently I'm a moron and can't find it. So, I'd like your help. 1. Is there someplace where I can just buy BitLocker? I would think there would be - like this is a painfully obvious question - but I can't find it. 2. Is there some alternative to BitLocker that I should be considering? I'm not sure if I have given you enough information to give me a recommendation, so let me know if there's other stuff I should elaborate upon. Warning: I'm far from an IT guy, so please go slow with me and use very small words. Thanks in advance. Quote Link to comment Share on other sites More sharing options...
Mojoe Posted November 2, 2013 Report Share Posted November 2, 2013 I'm no computer guy. That said, you can upgrade your windows 7 to 7 Ultimate, which has bitlocker. That's what I use and have been please with it. I have a few external HD that I have encrypted using it. Been running it for 3ish years now with no issue. Quote Link to comment Share on other sites More sharing options...
Mr. Jones Posted November 2, 2013 Report Share Posted November 2, 2013 For beast mode full disc encryption, I'd go sophos. Lots of big corporations use it.. Quote Link to comment Share on other sites More sharing options...
unfunnyryan Posted November 2, 2013 Report Share Posted November 2, 2013 TrueCrypt all the way. http://www.maximumpc.com/article/howtos/how_to_encrypt_your_entire_hard_drive_the_easy_way_using_truecrypt Quote Link to comment Share on other sites More sharing options...
Not Brian Posted November 2, 2013 Report Share Posted November 2, 2013 I'm no computer guy. That said, you can upgrade your windows 7 to 7 Ultimate, which has bitlocker. That's what I use and have been please with it. I have a few external HD that I have encrypted using it. Been running it for 3ish years now with no issue. Probably cheaper than buying 3rd party software. John here's how to upgrade, if you're interested. http://windows.microsoft.com/en-us/windows7/help/videos/upgrade-to-another-edition-of-windows-7-by-using-windows-anytime-upgrade The government uses bitlocker on all our machines, for whatever that's worth. Quote Link to comment Share on other sites More sharing options...
unfunnyryan Posted November 2, 2013 Report Share Posted November 2, 2013 Oh, and this is worth mentioning when you select a password for it all. Make up some silly phrase and throw a number and a capital in there, it doesn't matter how many or where. http://imgs.xkcd.com/comics/password_strength.png Quote Link to comment Share on other sites More sharing options...
KillJoy Posted November 2, 2013 Report Share Posted November 2, 2013 If you just need a "better" version of Windows 7, you can type "Anytime Upgrade" into the box above the Start Button. This will take to you a Microsoft Site to pay to upgrade to another Version. If this is for work, I would suggest Windows 7 Professional. I believe it is ~ $100. KillJoy Quote Link to comment Share on other sites More sharing options...
acklac7 Posted November 2, 2013 Report Share Posted November 2, 2013 TrueCrypt all the way. Yup. Quote Link to comment Share on other sites More sharing options...
Exodus Posted November 2, 2013 Report Share Posted November 2, 2013 TrueCrypt all the way. http://www.maximumpc.com/article/howtos/how_to_encrypt_your_entire_hard_drive_the_easy_way_using_truecrypt this Quote Link to comment Share on other sites More sharing options...
2highpsi Posted November 2, 2013 Report Share Posted November 2, 2013 The most important question is, why? Is it a matter of HIPAA compliance? Is it just for personal piece of mind? Or are you a secret agent with the utmost sensative data that can't fall into the wrong hands? :gabe: For a meaningful recommendation, the "why" really needs to be known. As a general blanket for most people... I agree with below: TrueCrypt all the way. http://www.maximumpc.com/article/howtos/how_to_encrypt_your_entire_hard_drive_the_easy_way_using_truecrypt Quote Link to comment Share on other sites More sharing options...
JaSSon Posted November 2, 2013 Report Share Posted November 2, 2013 Stay away from Bitlocker. I used it i the past, and lost my data because I didn't realize that I needed to export the key. The MS Bitlocker encryption key is unique to your windows install. IE: it's not a password you enter. If someone steals your laptop, they have access to your encrypted info. If you have a backup of your encrypted files, your HDD crashes, and you do a fresh install of Windows on a new HDD, your backup is worthless. Maybe the NSA can recover your data, but you can't. I use Winrar to compress and archive files and them PW protect them. It works for my purposes, which in the grand scheme of things aren't important. If you're using Bitlocker, don't. un-encrypt your files and use proper encryption software. Quote Link to comment Share on other sites More sharing options...
smokin5s Posted November 3, 2013 Report Share Posted November 3, 2013 Stay away from Bitlocker. I used it i the past, and lost my data because I didn't realize that I needed to export the key. this is kinda the point of disk encryption dude... keep the files locked away from the bad guy... If this is a personal computer then Bitlocker is fine, If this is going to be more of a corporate managed machine, you can go with McAfee End Point Encryption, Credant Manager, Credant Shield, DDPE (Dell's software based disk encryption), Sophos was mentioned, TrueCrypt... you should stay away from the cheap encryption "freeware" type of products just out of security reasons. Quote Link to comment Share on other sites More sharing options...
Richard Cranium Posted November 3, 2013 Report Share Posted November 3, 2013 +1 for what your goals are. What are your concerns? I'm assuming storing patient records are an issue, but there are other scenarios that jump to my mind such as transmitting patient records or other sensitive data (financials, etc...) to another location. Quote Link to comment Share on other sites More sharing options...
Justalilow1647545502 Posted November 3, 2013 Report Share Posted November 3, 2013 If you happen to be running an AD Windows environment, then Bitlocker can be setup to store all keys within the AD computer account. This is what we use for all portable devices at my work. This keeps you from having to export all the keys and store them. Quote Link to comment Share on other sites More sharing options...
Dr. Pomade Posted November 3, 2013 Author Report Share Posted November 3, 2013 Thanks for the replies, everyone. My goals are fairly modest: I just want to ensure that, if my laptop or external hard drives are lost or stolen, that the protected information I have on them will be encrypted/protected/safe. It's mostly a liability concern for me. I doubt I need anything "industrial strength." I think the BitLocker will be fine for me. Unless someone says something that is significantly persuasive otherwise, I'll likely just take Brian and Steve's advice and upgrade my Windows 7. I don't mind spending a little money (so don't worry about me trying to find something for free). Quote Link to comment Share on other sites More sharing options...
JaSSon Posted November 3, 2013 Report Share Posted November 3, 2013 this is kinda the point of disk encryption dude... keep the files locked away from the bad guy... If this is a personal computer then Bitlocker is fine, If this is going to be more of a corporate managed machine, you can go with McAfee End Point Encryption, Credant Manager, Credant Shield, DDPE (Dell's software based disk encryption), Sophos was mentioned, TrueCrypt... you should stay away from the cheap encryption "freeware" type of products just out of security reasons. What good is encryption if you can't recover the data?. Encryption based on a password: good. Encryption based on a non-recoverable unique-to-a-windows-install key: bad. Quote Link to comment Share on other sites More sharing options...
smokin5s Posted November 3, 2013 Report Share Posted November 3, 2013 you can recover data you either have to have the encryption centrally managed or create a recovery key before the drive crashes. If you don't have an encrypted key for it then what's the point of encrypting the drive if any joe schmo can access the drive if you loose it? Quote Link to comment Share on other sites More sharing options...
unfunnyryan Posted November 3, 2013 Report Share Posted November 3, 2013 What good is encryption if you can't recover the data?. Encryption based on a password: good. Encryption based on a non-recoverable unique-to-a-windows-install key: bad. Not unique to the windows key, it's a TPM, a trusted platform module. This can be a physical chip on a motherboard or made into a flash drive. If the motherboard fails and you lose your TPM key backup...you're fucked. you can recover data you either have to have the encryption centrally managed or create a recovery key before the drive crashes. If you don't have an encrypted key for it then what's the point of encrypting the drive if any joe schmo can access the drive if you loose it? Kinda-this. Quote Link to comment Share on other sites More sharing options...
cybe Posted November 4, 2013 Report Share Posted November 4, 2013 If the motherboard fails and you lose your TPM key backup...you're fucked. This is one of the reasons we are going through thousands of hard-drives at the bank. (Reimage = replace drive, archive the old one despite lack of key) Quote Link to comment Share on other sites More sharing options...
Akula Posted November 4, 2013 Report Share Posted November 4, 2013 The really really important thing to remember is, if I have physical access to the drive...I win. There is a mechanism to un-encrypt the data on the drive itself, I just need to trigger that mechanism. Lots of great papers out there and really good tools for busting full disk encryption. Having said that, TrueCrypt. Quote Link to comment Share on other sites More sharing options...
BIGGU Posted November 4, 2013 Report Share Posted November 4, 2013 True crypt or pgp. Quote Link to comment Share on other sites More sharing options...
Dr. Pomade Posted November 4, 2013 Author Report Share Posted November 4, 2013 Okay, so I upgraded to Windows 7 Ultimate, which has BitLocker. Yay, right? Wrong. I go to enable BitLocker and I get an error message saying that a compatible Trusted Platform Module (TPM) wasn't found on my computer. I do some clicking around and find that, apparently, I need a 1.2 TPM, but my computer only has a 1.0 TPM. So, what do I do now? Is there anywhere I can go to upgrade to a 1.2 TPM? In my clicking around, Windows said something about needing an removable USB drive or something to store my BitLocker key that must be used every time I start up my computer. Quote Link to comment Share on other sites More sharing options...
cybe Posted November 4, 2013 Report Share Posted November 4, 2013 What's the make/model of your PC? Maybe can update the BIOS. Quote Link to comment Share on other sites More sharing options...
bucd Posted November 4, 2013 Report Share Posted November 4, 2013 You can use usb thumb drive instead. http://windows.microsoft.com/en-us/windows-vista/bitlocker-drive-encryption-overview -D Quote Link to comment Share on other sites More sharing options...
Dr. Pomade Posted November 4, 2013 Author Report Share Posted November 4, 2013 Toshiba Satellite L650 Okay, so should I just go the thumb drive route and not even worry about the BIOS stuff? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.