Hard Drive Encryption Project

A care home company providing luxury residential care for the elderly, with around 70 PC's spread across 11 different homes. The company of course keeps extensive personal details of its residents and was concerned about the possibility of the data falling into the wrong hands if a machine were lost. Although all the machines were password protected it's fairly easy to bypass this security if you know what you are doing. Simply removing the hard disk from one machine and then installing it as a secondary drive into another will enable you to gain access to the data, not very secure at all!

In the UK the Data Protection Act mandates how companies protect personal data and the potential fine for a breach can be anything up to £0.5m, this is soon to be replaced by an equivalent EU regulation and at that point the fine could be up to 4% of annual turnover. Clearly the client was at risk of a serious fine.

The only real way to completely protect the data was to encrypt the hard drives on each machine. The process is fairly simple, install the software, choose the encryption level and then let it run. Once it's complete the machine requires a password the moment its powered on, so before it even gets to a Windows login. Unless the correct the password is entered the disk remains encrypted and the data is inaccessible. In addition, all newer machines come with a Trusted Platform Module component installed and this ties the hard disk to the machine it was encrypted in, this means it's impossible to mount the drive in another machine as the TPM module does not match the one the drive is tied to.