It is amazing to me that businesses are still issuing laptops to employees that do not have encryption. That being said, what do we mean when we say “the laptop is encrypted?”
There are three scenarios for encrypting portable computers:
1. Windows File Encryption
2. Third-party file, directory encryption software
3. Third-party whole disk encryption software
When you are making a decision on products to use, consider the following:
1. What level of encryption is the vendor stating? If the documentation says the algorithm is “proprietary,” throw it in the trash.
2. If the laptop is stolen, and there is a public announcement, is it going to sound better to say: “The whole disk was encrypted,” or, “They could get into the laptop because just some files were encrypted.” Consider your reputation risk.
3. If only files are encrypted, if I crack the password and get in as the user, does it automatically decrypt the files for me? Better check.
4. Can the software encrypt other items, like USB drives? Even better, if it does it automatically.
Don’t fall for the argument that disk encryption software is “too expensive.” What’s your reputation worth? Not only that, Trucrypt makes a GREAT free encryption product. For small business environments with 2 or 3 laptops, send them a donation and get going; it’s a great product.