This article can also be found in the Premium Editorial Download "Storage magazine: Top 15 Storage hardware and software Products of the Year 2006."
Download it now to read this article plus other related content.
The government's recent laptop fumbles have focused the immediate spotlight on encryption as the primary means of protecting data on laptops. In August, the U.S. Department of Veterans Affairs (VA), smarting from the widely publicized loss of laptops containing sensitive data on thousands of individuals, awarded a contract for the encryption of approximately 300,000 VA PCs and mobile devices to San Francisco-based GuardianEdge Technologies Inc. (formerly PC Guardian Technologies).
TruWest Credit Union, a 16-branch credit union headquartered in Tempe, AZ, didn't wait for the feds or any state regulations. It identified laptop data security as a critical issue five years ago when it began implementing two-factor authentication for its laptops. "We have been taking measures to protect laptop data for quite a while, things like passwords at power up and policies about what data could be put on the laptop," says Thomas Gessel, TruWest's senior vice president and technology officer.
TruWest deploys approximately 50 laptops and has had only one stolen. That laptop, used by an IT staffer for maintenance, contained no confidential data, but "its loss made us realize the risk," says Gessel. The credit union, which had been looking at laptop encryption for two years, decided to roll out Naples, FL-based SafeBoot Corp.'s Device Encryption for PC/Laptop.
"We looked at all of them [laptop encryption products] and found SafeBoot was the easiest to deploy, and it didn't require a dedicated server," says TruWest's Gessel. "We were able to deploy it on the maintenance server where we have our antivirus protection. And we got it for less than $150 per laptop."
Cost is one objection to encryption. Managers also object to the resulting performance hit and the difficulties of key management (see "Encryption resistance").
Despite headline-grabbing laptop losses and laws like California SB 1386 popping up in state after state, laptop encryption hasn't yet caught on big. "We have a ton of security measures such as physical locks and we use biometric authentication, but we do not have full disk encryption on the laptops," says Chris Curran, chief technology officer at Diamond Management & Technology Consultants Inc. in Chicago. Diamond's consultants simply don't put the kind of confidential data that would require disclosure on their laptops.
This was first published in February 2007