Encrypting Thinkpad's harddrive

[Newarkizise]

Hi

I have encrypted few harddrives with compusec, and i was planning to encrypt my R52's harddrive too.

So, the question is, how will Thinkpad's own recovery partitions + etc. accept this kind of a trick? No problem?

I would be pleased to know, if someone has succesfully encrypted his thinkpad's harddrive with some sortiment of a software for example with compusec.

thanks

-newarkizise

[s0larian]

Utimaco Safeguard Easy is designed to work with Thinkvantage Rescue & Recovery and Client Security. The hidden recovery partition will be encrypted as well as backups done with R&R 3. Even IBM's TPM Chip is supported.

[yossarian]

IBM's TPM chip can do transparent "on the fly" encryption if you set the hard disk drive password. The TPM transparent encryption[hard drive password] doesn't seem to require any more tweaks other than setting the password in the bios, which kinda makes me raise a few eyebrows as to how the data is actually protected.

CSS 6.0/5.4 also lets you use SafeGuard, a program that creates an encrypted container and mounts it as a virtual drive. No doubt that uses tpm somehow too.

Otherwise you could no doubt get some more purely software based solutions without a problem. Old favourites include Steganos Security Suite and also PGPDisk is nice.

There are numerous tools also that can encrypt the entire fire system in windows etc but those will be annoying to deploy no doubt.

Personally, I'd just recommend turning the hdd password on then using something like SafeGuard/PGPDisk/Steganos to store sensitive data and possibly encrypting the files again on top of that with a different tool if it's highly sensitive. Then disabling the virtual hdd page file in windows[maybe getting more ram to accommodate for changes], or if virtual memory is important then look into somehow setting up an encrypted virtual memory page file. This way, things like the OS can boot up without the additional overhead of having to decrypt itself before loading while keeping sensitive things sensitive.

[crates]

Or use Vista Ultimate's BitLocker. 'T's working fine for me.

[Wiz]

IBM's TPM chip can do transparent "on the fly" encryption if you set the hard disk drive password. The TPM transparent encryption[hard drive password] doesn't seem to require any more tweaks other than setting the password in the bios, which kinda makes me raise a few eyebrows as to how the data is actually protected.

The TPM do not encrypt the data on the harddisk. You can use TPM to store things that is sensitive like passwords and certificates. Also the BIOS and harddisk password is good options to protect your computer, but it does not encrypt the contents of the harddisk. Bitlocker, dcpp, safeguard easy is some full disk encryption software available that actually encrypt all the contents stored on the disk.