When to use Truecrypt, and when not to?

Posted by tm77 on Server Fault See other posts from Server Fault or by tm77
Published on 2011-03-11T00:02:27Z Indexed on 2011/03/11 0:11 UTC
Read the original article Hit count: 462

Filed under:

encryption

|

disk

|

disk-encryption

I have about 30 (this number will most likely grow over the next few years to 50 or more) unencrypted laptops that I have been tasked to encrypt (entire drive). These machines will be used off site regularly by my users. These machines are running Windows 7 and XP (about 50/50), but more Windows 7 every month. I have experience with Truecrypt, and have had no issues. It appears to be THE solution for a free solution.

My concern with Truecrypt is that my users will have 2 passswords needed to login to their machines. Also, I need to choose to either have 1 password for my organization, or carefully document each machine's password (management nightmare). In my mind, choosing between a managed and a free encryption solution is primarily based on the NUMBER of machines that will be encrypted and supported.

Two questions:

From a management standpoint, what is the tipping point of users where a managed solution would pay for itself over Truecrypt?
What are some good third party solutions? (I will consider Bitlocker, but the price to upgrade Windows 7 licenses is a turn-off)

I would love to hear from some admins with experience in supporting encrypted machines in a corporate environment.

Many thanks in advance!

© Server Fault or respective owner

Related posts about encryption

SQL SERVER – History of SQL Server Database Encryption

as seen on SQL Authority - Search for 'SQL Authority'
I recently met Michael Coles and Rodeney Landrum the author of one of the kind book Expert SQL Server 2008 Encryption at SQLPASS in Seattle. During the conversation we ended up how Microsoft is evolving encryption technology. The same discussion lead to talking about history of encryption tools in… >>> More
Encryption is hard: AES encryption to Hex

as seen on Stack Overflow - Search for 'Stack Overflow'
So, I've got an app at work that encrypts a string using ColdFusion. ColdFusion's bulit-in encryption helpers make it pretty simple: encrypt('string_to_encrypt','key','AES','HEX') What I'm trying to do is use Ruby to create the same encrypted string as this ColdFusion script is creating. Unfortunately… >>> More
Confused about encryption with public and private keys (which to use for encryption)

as seen on Stack Overflow - Search for 'Stack Overflow'
I am making a licensing system when clients ask my server for a license and I send them a license if they are permitted to have one. On my current system I encrypt the license using a single private key and have the public key embedded into the client application that they use to decrypt the license… >>> More
Encryption Product Keys : Public and Private key encryption

as seen on Stack Overflow - Search for 'Stack Overflow'
I need to generate and validate product keys and have been thinking about using a public/private key system. I generate our product keys based on a client name (which could be a variable length string) a 6 digit serial number. It would be good if the product key would be of a manageable length… >>> More
Software tools to automatically decrypt a file, whose encryption algorithm (and/or encryption keys)

as seen on Stack Overflow - Search for 'Stack Overflow'
I have an idea for encryption that I could program fairly easily to encrypt some local text file. Given that my approach is novel, and does not use any of the industry standard encryption techniques, would I be able to test the strength of my encryption using 'cracker' apps or suchlike? Or do all… >>> More

Related posts about disk

?11gR2 RAC???ASM DISK Path????

as seen on Oracle Blogs - Search for 'Oracle Blogs'
????T.askmaclean.com???????11gR2?ASM DISK?????,??????: aix 6.1,grid 11.2.0.3+asm11.2.0.3+rac ???????????aix????????mpio,??diskgroup ?????veritas dmp???,?????asm?disk_strings=/dev/vx/rdmp/*,crs/asm??????????????/dev/vx/rdmp/?????,?????????diskgroup??? crs???????:2012-07-13… >>> More
?11gR2 RAC???ASM DISK Path????

as seen on Oracle Blogs - Search for 'Oracle Blogs'
????T.askmaclean.com???????11gR2?ASM DISK?????,??????: aix 6.1,grid 11.2.0.3+asm11.2.0.3+rac ???????????aix????????mpio,??diskgroup ?????veritas dmp???,?????asm?disk_strings=/dev/vx/rdmp/*,crs/asm??????????????/dev/vx/rdmp/?????,?????????diskgroup??? crs???????:2012-07-13… >>> More
Time machine disk icon on boot disk

as seen on Super User - Search for 'Super User'
The icon for Macintosh HD (my boot disk) shows as a Time Machine disk. There is a file .com.apple.timemachine.supported in the root of the disk. If I delete the file and restart the computer, the icon goes back to a normal HD icon. However, the .com.apple.timemachine.supported file is recreated at… >>> More
Use hard disk image like a regular hard disk on Linux

as seen on Super User - Search for 'Super User'
If you have a hard disk image (including partition table, multiple partitions,...), is it possible to let Linux treat it as a regular hard disk? By "regular hard disk" I mean I would like to have the image show up as, for instance, /dev/hdx and its partitions as /dev/hdx1,... (I know I can mount… >>> More
Windows 7 detects my 1 TB disk as a disk with only 31 MB space

as seen on Super User - Search for 'Super User'
I've added another 1 TB Western Digital disk on my computer (there is a disk with 250 GB already), and after booting to Windows 7, it recognise the disk, but in the Disk Management panel, it says the disk has only 31 MB TOTAL space, so is what it shows in the EVEREST information. And when I rebooted… >>> More