The Safest Way to Protect Sensitive Computing Files: Page 2
As with the software-based whole disk encryption, every byte on the hard drive is encrypted. But with Lenovo's drive, security exists totally in the device.
In other words, it could care less about the hardware or software on your computer. This is a huge advantage. The drive can be used with a Mac at home and a Windows machine at the office.
Upgrading to Windows 7? No problem. All the potential crippling software problems described earlier are gone.
Our eggs are now stored in two baskets.
To recap how the ThinkPad USB Secure Hard Drive works, when you connect the drive to the computer, the drive detects the connection and then waits for the entry of a valid password (really a pass number).
Passwords can range from six to sixteen digits and are entered directly on the device using buttons on its top. When a valid password is entered (the drive supports 10 different passwords) the computer is finally made aware of the presence of the drive and has access to all the files on the drive.
Like software-based whole disk encryption on the computer, this approach only protects data at rest. That is, after you get access to the files, there is no more protection.
But the advantage of an external hard disk is that it's much easier to lock everything up when you step away from your desk for a minute - just pull the USB plug. This simple act leaves no sensitive files exposed for anyone in the area to peek at while you're in the bathroom.
Good for Laptops
Laptops are always going to be lost or stolen. By keeping sensitive files on an external hard drive, they don't go with the computer. Because the hard drive is so small, it can go with you many places that a laptop computer can't, thus, it's less likely to be lost or stolen in the first place.
In an airport, for example, the hard drive can stay in your carry-on bag, it doesn't have to be separated out.
Storing sensitive files on an external hard drive makes tech support a breeze rather than a problem. You can give your computer over to a techie safe in the knowledge that it harbors no sensitive files.
Since everything is external to your computer, there is no impact on disk imaging.
The worst case scenario is much better here too. If the drive breaks or crashes, you lose access to the sensitive files. But your main computer is not impacted in any way, shape or form. (No matter what approach is taken, all files need to be backed up, so that's a wash in terms of the different approaches)
There may a psychological aspect too.
Spending $150 or more by a company for an encrypted storage device sends a message to the employees that they are dealing with sensitive files. The encrypted hard drive may serve as a constant reminder that some files are for their eyes only and to always be aware which are sensitive and which arent.
This is not to be taken as an endorsement of the ThinkPad USB Secure Hard Drive, I haven't actually used one. Rather, it's an endorsement of the concept of an external hard drive that does its own hardware encryption, independent of the computer. There may be other such devices, I don't know.
Personally, I use TrueCrypt for my sensitive files. But, I don't mind mounting and unmounting encrypted volumes.
Also, I don't use a Mac, only dabble with Linux and always log-on to Windows as an Administrator class user. Not everyone fits this profile.