Looking for a good full encryption software for company

TechnicalJayTechnicalJay Posts: 213Member ■■■□□□□□□□
Hello,

At the company we have about 100 laptops that we are looking to put full encryption on. Does anyone know some of the top encryption software companies out there?

Maybe a free one and another one with a pre-boot authentication.

Thank you.

Comments

  • scaredoftestsscaredoftests Security +, ITIL Foundation, MPT, EPO, ACAS, HTL behind youPosts: 2,691Mod Mod
    openssl for win64.
    Never let your fear decide your fate....
  • beadsbeads Posts: 1,439Member ■■■■■■■■□□
    Full Disk Encryption or FDE?
    https://technet.microsoft.com/en-us/library/cc732774(v=ws.11).aspx

    Built in to the Operating System and its Microsoft so its easier to manage.

    Outside of that your looking at PGP or Self Encrypted Drives (SED). Both significantly slow the boot process down but have their advantages and disadvantages. Any of these should provide more than adequate protection.

    - b/eads
  • PhalanxPhalanx I have many leatherbound books... United KingdomPosts: 330Member ■■■□□□□□□□
    Bitlocker?
    Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation
    Client & Security:
    MCSE: Mobility | MCSA: Windows 10 | MCITP: Windows 7
    Server & Networking:
    MCSA: Windows Server 2016 | MTA: Networking Fundamentals
    Currently Studying: Project+
  • cyberguyprcyberguypr Senior Member Posts: 6,780Mod Mod
    OP, would you care to provide more details on your requirements? Do you need centralized management? If the 100 machines don't have the proper Windows version with Bitlocker and the right TPM, then we are talking about a bigger project and other options may be a better choice.
  • TechnicalJayTechnicalJay Posts: 213Member ■■■□□□□□□□
    Thanks for the reply guys,

    BitLocker is not an option as we are still running Win 7 Professional. Centralized management isn't an option either as we are a NFP organization using the governments network and are leasing server space through them. The government was using Symantec but recently switched over to Bitlocker as they have Win 7 EE.
  • PhalanxPhalanx I have many leatherbound books... United KingdomPosts: 330Member ■■■□□□□□□□
    Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation
    Client & Security:
    MCSE: Mobility | MCSA: Windows 10 | MCITP: Windows 7
    Server & Networking:
    MCSA: Windows Server 2016 | MTA: Networking Fundamentals
    Currently Studying: Project+
  • TechGromitTechGromit A+, N+, GSEC, GCIH, GREM, Ontario, NY Posts: 1,892Member ■■■■■■■■□□
    At the company we have about 100 laptops that we are looking to put full encryption on. Does anyone know some of the top encryption software companies out there?

    Maybe a free one and another one with a pre-boot authentication.

    There a couple Russian outfits that can help you with that, full disk encryption, and free to boot.... until you want to access you data, than they want bitcoins.


    On a serous side note, I'm thinking someone could modify some ransomware to be a marketable business encryption software, just make it configurable so the C2 is a server you control and of course you get to set the encryption key.
    Still searching for the corner in a round room.
  • cyberguyprcyberguypr Senior Member Posts: 6,780Mod Mod
    I love the "BitLocker is not an option" comment immediately followed by a link to a BitLocker article. priceless.

    OP, you may want to look at SecureDoc.
  • stryder144stryder144 Posts: 1,571Member ■■■■■■■■□□
    Bitlocker is great, but since you are running Windows 7 Pro and it is only supported on EE and Ultimate versions, that leaves that one out of the question. Are you planning on moving to Windows 10 Pro or above? If so, it has Bitlocker. If not, have you looked into VeraCrypt? It is one of the successors to TrueCrypt. Might be worth a look.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
  • PhalanxPhalanx I have many leatherbound books... United KingdomPosts: 330Member ■■■□□□□□□□
    Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation
    Client & Security:
    MCSE: Mobility | MCSA: Windows 10 | MCITP: Windows 7
    Server & Networking:
    MCSA: Windows Server 2016 | MTA: Networking Fundamentals
    Currently Studying: Project+
  • TechnicalJayTechnicalJay Posts: 213Member ■■■□□□□□□□
    Thanks guys I'll check the ones out that are posted. We'll be sticking with Win 7 Pro for a little while as Win 10 isn't supported yet for some of the medical software we use.
  • TechnicalJayTechnicalJay Posts: 213Member ■■■□□□□□□□
    Another question if anyone knows. Does any of the encryption software listed have a login screen before logging into windows? Or is this an option with centralized managed encryption only?
  • cyberguyprcyberguypr Senior Member Posts: 6,780Mod Mod
    If you do FDE many products will do pre-boot authentication. Will that suffice?
  • TechnicalJayTechnicalJay Posts: 213Member ■■■□□□□□□□
    Absolutely, I just checked out VeraCrypt which looks pretty good and has what I'm looking for.

    Thanks guys
  • SvobodaSvoboda Posts: 95Member ■■□□□□□□□□
    We're using Trend's Data/Mobile Armor in our organization. It was shaky when they first rolled it out but it's been pretty solid since. Maybe be something to look into if you're running any other Trend products.
  • jibtechjibtech Posts: 377Member ■■■■□□□□□□
    TrueCrypt/VeraCrypt would be a good free solution.

    Otherwise, I would look at PGP.
  • mgeoffriaumgeoffriau Posts: 162Member ■■■□□□□□□□
    Svoboda wrote: »
    We're using Trend's Data/Mobile Armor in our organization. It was shaky when they first rolled it out but it's been pretty solid since. Maybe be something to look into if you're running any other Trend products.

    We also used Trend FDE at my previous company. My experience is similar to yours, we had lots of issues early on but over time they improved the product significantly. We still struggled with two significant problems:

    1) Password update and change management -- Trend FDE just wasn't great at keeping the preboot credentials synced with the AD creds. Initially, the preboot client did not include any wifi drivers, so every laptop user had to remember to plug into the network before booting when they needed to update their password. If they didn't, the passwords would get out of sync and they'd have to remember two passwords (leading to lots of HelpDesk calls). Even after we started using the updated client with wifi drivers, syncing was pretty hit or miss.

    2) Black screen with a cursor -- We continued to run into an issue where the machine would boot to a black screen with nothing but a single blinking cursor in the top left corner. Once this happened, the only fix was to completely decrypt the drive and then re-encrypt. We went around and around with Trend on this issue with no resolution. At various times they tried to tell us it must be a drive failure issue or possibly a hardware driver issue, but could never explain to us why these problems would magically disappear as soon as we decrypted the drive.
    CISSP || A+ || Network+ || Security+ || Project+ || Linux+ || Healthcare IT Technician || ITIL Foundation v3 || CEH || CHFI
    M.S. Cybersecurity and Information Assurance, WGU
Sign In or Register to comment.