If you work in an organization that utilizes laptops, and has data that you do not want to fall into the wrong hands (be they competitors or foreign agents), you will want to take a look at the new laptop Data Encryption Guide released by the TechNet Solution Accelerators Team.
The Data Encryption Toolkit for Mobile PCs provides tested guidance and powerful tools to help you protect your organization’s most vulnerable data. The strategies outlined in this Toolkit are easy to understand, and the guidance shows you how to optimize two key encryption technologies already available to you in Microsoft Windows XP or Windows Vista: the Encrypting File System (EFS) and Microsoft BitLocker Drive Encryption (BitLocker).
- EFS allows you to protect sensitive files so they can only be accessed by authorized users. EFS is included with Windows XP Professional and with most editions of Windows Vista.
- BitLocker encrypts all data on a system volume to prevent unauthorized users from successfully booting the PC with a different operating system or swapping the drive to a different computer to read the data. BitLocker is included with the Enterprise and Ultimate editions of Windows Vista.
The Data Encryption Toolkit for Mobile PCs shows you how to effectively use both EFS and BitLocker across your organization. The Toolkit also provides you with software tools and scripts to help you centrally configure, deploy, and manage encryption settings on all your mobile PCs.
Data Encryption Toolkit Components
The Toolkit consists of four components. The Executive Overview and Security Analysis documents are available now, and the remaining components will be released during the first half of 2007.
The four components that make up the Data Encryption Toolkit for Mobile PCs are:
- The Executive Overview. This document provides a broad survey from a business and regulatory perspective of how mobile data is at risk and how the Data Encryption Toolkit for Mobile PCs can help. It also provides information about how you can use the guidance and tools in this Solution Accelerator as well as tools you may already have licensed to mitigate these risks.
- The Security Analysis. This guide provides an in-depth review of how EFS and BitLocker can help you address the unique risks associated with data on mobile PCs.
- The Planning and Implementation Guide. This guide describes how to plan for, configure, deploy, and operate EFS and BitLocker in your organization. A Beta version of the Planning and Implementation Guide is currently available.
- The Microsoft Encrypting File System Assistant. The EFS Assistant is a software tool you can use to centrally control EFS settings on all your PCs (the EFS Assistant also works with desktop PCs). The EFS Assistant can help you encrypt the sensitive files on your users' laptops, regardless of where those files are located. In addition, the EFS Assistant operates transparently to end users, eliminating training issues or other impacts. A Beta version of the EFS Assistant is currently available.
Interested in other Solution Accelerators for Security and Compliance? Visit the Microsoft Security Guidance page.