Full Disk Encryption


  1. Posts : 1,426
    7 Pro
       #1

    Full Disk Encryption


    Howdy, I am currently using "TrueCrypt" at the moment. This solution is viable but very user unfriendly, our password policy for compliance and regulation(s) is currently 18+ characters due to bruteforce and dictionary cracks, thus giving the remote user a headache. This solution also requires a password right after powering up, this is problematic due to prompted restarts after patches and whatnot prompting the need for remote user interaction to get the machine back "online" for scans and further updates. Is anyone out there deploying disk encryption to "remote" users that may be using a better solution?
      My Computer


  2. Posts : 45
    Windows 7 Home Premium (64 bit)
       #2

    Try this alternative:
    DiskCryptor en - DiskCryptor wiki
    I don't think many users encrypt their drives though
      My Computer


  3. Posts : 587
    Windows 7 x64
       #3

    brady said:
    Howdy, I am currently using "TrueCrypt" at the moment. This solution is viable but very user unfriendly, our password policy for compliance and regulation(s) is currently 18+ characters due to bruteforce and dictionary cracks, thus giving the remote user a headache. This solution also requires a password right after powering up, this is problematic due to prompted restarts after patches and whatnot prompting the need for remote user interaction to get the machine back "online" for scans and further updates. Is anyone out there deploying disk encryption to "remote" users that may be using a better solution?
    .
    Since the issue is retyping difficult passwords perhaps a usb device, such as the Yubikey, would help?
      My Computer


  4. Posts : 1,426
    7 Pro
    Thread Starter
       #4

    Richter said:
    I don't think many users encrypt their drives though
    We do when OTS requires it
    Victek said:
    Since the issue is retyping difficult passwords perhaps a usb device, such as the Yubikey, would help?
    This would also break regulation due it being in control of the "end user"
      My Computer


  5. Posts : 22
    Windows 7
       #5

    I don't know how about automated decryption upon login?
    Just map everything to a seperate drive, and the OS is unencrypted.
    I know that MS has something of that sort, never used it though due to me dualbooting all the time.

    Almost every OS has the possibility to automate scriptexecution upon login/logof or startup/shutdown, how about writing some scripts
    decrypting the drives using a key residing with you?

    Problem is,the key isn't with the user and the user doesn't want to enter the password.
    The Password/keyfile has to reside on the server hence you have a securityproblem.
    Automated decryption/mounting has the problem that the chain of security is only as strong as it's weekest links.

    Are the ecrypted hdd's on the same system or are we talking about a network?
    sincerly

    s0s0
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 05:31.
Find Us