03-04-2008 11:09 PM
Solved! Go to Solution.
03-07-2008 07:01 PM
03-08-2008 02:14 AM
03-11-2008 03:33 PM
03-12-2008 01:28 PM
03-12-2008 02:03 PM
02-06-2009 01:52 PM
If you are in a Corporate environment and have a farm of Momentus FDE and standard drive machines, then the only solution to manage them both is WinMagic.
02-09-2009 08:41 AM
Just to update this post which was written when I was researching full hard drive encryption for my company...
We went with Seagate Momentus FDE drives for all the computers that supported a SATA connection. (hundreds, at least 95%)
You don't need to use special management software for the drives. All you need to do is clone your existing user's hard drive to the new one (or start with a fresh image/installation), then set a master and user password in the BIOS menu. The user can set the user password, but the master password must remain secret (as it overrides the user one). Make sure it's not the actual BIOS boot password you are setting. There is a special area to set a hard drive password.
It is probably a good idea to make all the master passwords for each drive different and store them somewhere safe (if your company has a password safe, physical safe, etc, that's the kind of place). You can make them the same on all drives, but if someone from your IT department leaves and knows it, none of your data is safe.
Nowdays most companies are not using 100% Windows and the time for 100% Windows solutions being accepted is over. At my present company we have a mixture of Ubuntu, Debian and Windows users, so we were pleased to find the Seagate solution.
I haven't used WinMagic, but we used "Pointsec" for the computers that couldn't take the SATA hard drives. Most of these computers have now been replaced as software encryption is quite slow, especially if you have antivirus running on top. Plus the computers that don't support SATA and the Seagate drives are normally pretty slow anyway. To be honest, we didn't really get on with Pointsec. It was very hard to get hold of, not particularly easy to deploy and not exactly cheap. The hardware solution was around the same price but with no speed decrease.
So to summarise, we have the Seagate FDE drives installed on hundreds of computers, the passwords being securely stored. For the computers without SATA connectors, we used software encryption (Pointsec) and managed those separately.
11-03-2009 11:02 PM
11-04-2009 12:30 AM
Hi, yeah no problem, glad to help.
We used a mixture of methods, mainly a special hard drive cloning machine (about £600) which had a copy + copy/resize option. You just plugged in both drives and pressed the Start button.
In some offices abroad, we used a USB 2.0 hard drive adapter and bootable CD copying programs connected to a laptop. We used "Clonezilla" in some cases and "Copywipe" in others. For some reason some software wouldn't copy drives where others would, it was a bit odd but in those cases we just used the other software (clonezilla instead of copywipe or vice versa), it wasn't worth our time looking into it. You could also use gparted, which has a function for copy+pasting partitions from one drive to another. Acronis maybe, Norton Ghost, dunno, but Clonezilla and Copywipe do the trick and are free.
If you have hundreds of drives, the hard drive copying machine is worth it.
Also, during the cloning process make sure the FDE drive doesn't have a password set. Just clone the drive, then set the hard drive password in the BIOS and that's it. The best thing about this system is that you can dual boot and use any OS. Just be sure to set a (unique probably) master password and store it securely. If you only set a user password and the user forgets it, you've had it!
Good luck :-)