Jump to content

Computer People - Need Your Input/Advice


Dr. Pomade

Recommended Posts

I've been looking into encryption software for my computers, etc., but I'm not sure what to get. I heard about Microsoft's BitLocker, and that sounds like it would have everything I would need. Problem is, I only have Microsoft Windows 7 Home, and BitLocker doesn't come as part of that package. I've tried doing a couple of searches to just find the BitLocker so I can buy it and install it, but apparently I'm a moron and can't find it. So, I'd like your help.

 

1. Is there someplace where I can just buy BitLocker? I would think there would be - like this is a painfully obvious question - but I can't find it.

 

2. Is there some alternative to BitLocker that I should be considering?

 

I'm not sure if I have given you enough information to give me a recommendation, so let me know if there's other stuff I should elaborate upon. Warning: I'm far from an IT guy, so please go slow with me and use very small words.

 

Thanks in advance.

Link to comment
Share on other sites

I'm no computer guy.

 

That said, you can upgrade your windows 7 to 7 Ultimate, which has bitlocker. That's what I use and have been please with it. I have a few external HD that I have encrypted using it. Been running it for 3ish years now with no issue.

Link to comment
Share on other sites

I'm no computer guy.

 

That said, you can upgrade your windows 7 to 7 Ultimate, which has bitlocker. That's what I use and have been please with it. I have a few external HD that I have encrypted using it. Been running it for 3ish years now with no issue.

 

Probably cheaper than buying 3rd party software.

 

John here's how to upgrade, if you're interested.

http://windows.microsoft.com/en-us/windows7/help/videos/upgrade-to-another-edition-of-windows-7-by-using-windows-anytime-upgrade

 

The government uses bitlocker on all our machines, for whatever that's worth.

Link to comment
Share on other sites

If you just need a "better" version of Windows 7, you can type "Anytime Upgrade" into the box above the Start Button. This will take to you a Microsoft Site to pay to upgrade to another Version. If this is for work, I would suggest Windows 7 Professional. I believe it is ~ $100.

 

KillJoy

Link to comment
Share on other sites

The most important question is, why?

 

Is it a matter of HIPAA compliance? Is it just for personal piece of mind? Or are you a secret agent with the utmost sensative data that can't fall into the wrong hands? :gabe:

 

For a meaningful recommendation, the "why" really needs to be known.

 

As a general blanket for most people... I agree with below:

 

 

Link to comment
Share on other sites

Stay away from Bitlocker. I used it i the past, and lost my data because I didn't realize that I needed to export the key. The MS Bitlocker encryption key is unique to your windows install. IE: it's not a password you enter. If someone steals your laptop, they have access to your encrypted info. If you have a backup of your encrypted files, your HDD crashes, and you do a fresh install of Windows on a new HDD, your backup is worthless. Maybe the NSA can recover your data, but you can't.

 

I use Winrar to compress and archive files and them PW protect them. It works for my purposes, which in the grand scheme of things aren't important.

 

If you're using Bitlocker, don't. un-encrypt your files and use proper encryption software.

Link to comment
Share on other sites

Stay away from Bitlocker. I used it i the past, and lost my data because I didn't realize that I needed to export the key.

 

this is kinda the point of disk encryption dude... keep the files locked away from the bad guy...

 

If this is a personal computer then Bitlocker is fine, If this is going to be more of a corporate managed machine, you can go with McAfee End Point Encryption, Credant Manager, Credant Shield, DDPE (Dell's software based disk encryption), Sophos was mentioned, TrueCrypt...

 

you should stay away from the cheap encryption "freeware" type of products just out of security reasons.

Link to comment
Share on other sites

Thanks for the replies, everyone. My goals are fairly modest: I just want to ensure that, if my laptop or external hard drives are lost or stolen, that the protected information I have on them will be encrypted/protected/safe. It's mostly a liability concern for me. I doubt I need anything "industrial strength." I think the BitLocker will be fine for me. Unless someone says something that is significantly persuasive otherwise, I'll likely just take Brian and Steve's advice and upgrade my Windows 7. I don't mind spending a little money (so don't worry about me trying to find something for free).
Link to comment
Share on other sites

this is kinda the point of disk encryption dude... keep the files locked away from the bad guy...

 

If this is a personal computer then Bitlocker is fine, If this is going to be more of a corporate managed machine, you can go with McAfee End Point Encryption, Credant Manager, Credant Shield, DDPE (Dell's software based disk encryption), Sophos was mentioned, TrueCrypt...

 

you should stay away from the cheap encryption "freeware" type of products just out of security reasons.

 

What good is encryption if you can't recover the data?. Encryption based on a password: good. Encryption based on a non-recoverable unique-to-a-windows-install key: bad.

Link to comment
Share on other sites

you can recover data you either have to have the encryption centrally managed or create a recovery key before the drive crashes. If you don't have an encrypted key for it then what's the point of encrypting the drive if any joe schmo can access the drive if you loose it?
Link to comment
Share on other sites

What good is encryption if you can't recover the data?. Encryption based on a password: good. Encryption based on a non-recoverable unique-to-a-windows-install key: bad.

 

Not unique to the windows key, it's a TPM, a trusted platform module. This can be a physical chip on a motherboard or made into a flash drive. If the motherboard fails and you lose your TPM key backup...you're fucked.

 

you can recover data you either have to have the encryption centrally managed or create a recovery key before the drive crashes. If you don't have an encrypted key for it then what's the point of encrypting the drive if any joe schmo can access the drive if you loose it?

 

Kinda-this.

Link to comment
Share on other sites

If the motherboard fails and you lose your TPM key backup...you're fucked.

 

This is one of the reasons we are going through thousands of hard-drives at the bank. (Reimage = replace drive, archive the old one despite lack of key)

Link to comment
Share on other sites

The really really important thing to remember is, if I have physical access to the drive...I win. There is a mechanism to un-encrypt the data on the drive itself, I just need to trigger that mechanism. Lots of great papers out there and really good tools for busting full disk encryption.

 

Having said that, TrueCrypt.

Link to comment
Share on other sites

Okay, so I upgraded to Windows 7 Ultimate, which has BitLocker. Yay, right? Wrong. I go to enable BitLocker and I get an error message saying that a compatible Trusted Platform Module (TPM) wasn't found on my computer. I do some clicking around and find that, apparently, I need a 1.2 TPM, but my computer only has a 1.0 TPM.

 

So, what do I do now? Is there anywhere I can go to upgrade to a 1.2 TPM? In my clicking around, Windows said something about needing an removable USB drive or something to store my BitLocker key that must be used every time I start up my computer.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...