Your Laptop Data Is potentially at risk!
You've seen the headlines. Mobile PCs are easy targets for theft. And news stories are appearing with increasing regularity about companies whose employees have either misplaced their mobile PCs, or had them stolen – laptops filled with sensitive employee or customer information. Losing confidential data can cost your hundreds of thousands of dollars in lost business, and a damaged reputation.
The Data Encryption Toolkit for Mobile PCs – which is being released in phases – provides tested guidance and powerful tools to help you protect your organizations’ most vulnerable data. The strategies outlined in the Toolkit are easy to deploy, and show you how to optimize two key encryption technologies already available to them in Microsoft® Windows® XP or Windows Vista™: the Encrypting File System (EFS) and Microsoft BitLocker™ Drive Encryption (BitLocker).
The Toolkit consists of four components. The Executive Overview and Security Analysis documents are available now. The Planning and Implementation Guide and the EFS Assistant will be released later in the first half of 2007.
The Executive Overview provides customers with a high-level overview of the Data Encryption Toolkit for Mobile PCs to help them understand the business and regulatory risks of losing data on mobile PCs, and how they can use the
guidance in this Solution Accelerator to mitigate these risks.
The Security Analysis discusses in depth a number of unique risks associated with data on mobile PCs, and analyzes how Microsoft's key encryption technologies, EFS and BitLocker, can help customers mitigate those risks. The Security Analysis now available on TechNet and the Microsoft Download Center.
Additional Components Coming Soon
Planning and Implementation Guide
The Planning and Implementation Guide describes how to plan for, configure, deploy, and operate EFS and BitLocker in a customer’s organization. A Beta version of the Planning and Implementation Guide is currently available.
The EFS Assistant lets customers centrally control EFS settings on all their mobile PCs (and many desktop PCs, too). The EFS Assistant will help customers find all the files on their mobile PCs that need to be encrypted, regardless of where users save them. And the EFS Assistant operates transparently to end users, eliminating training issues or other impacts. A Beta version of the EFS Assistant is currently available.
Key Customer Questions Addressed by the Toolkit
· How can I protect data on my users’ laptops from being accessed by unauthorized users?
· Should I use EFS or BitLocker to keep mobile data safe? Can I use these technologies together?
· How can I centralize control of data encryption?
· Is there a way to automatically detect and encrypt sensitive data files, no matter where users save them?
Access the Toolkit on TechNet
To access the Data Encryption Toolkit for Mobile PCs, click here.
Visit our Security Guidance Page
Interested in other Solution Accelerators for Security and Compliance? Visit the Microsoft Security Guidance page.
Jeff, for various reasons I believe that EFS just doesn't cut it when it comes to SOE deployments in the enterprise. Not all risks are mitigated - tampering with the system without stealing the hardware would be one. Users have expectation not to be careful about where they store data; administrators are required to prevent all potential leaks - this is where full disc encryption shines.
MS should backport Bitlocker to XP.