• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Windows 7 - best way to prevent a drive from being cloned?

fuzzybabybunny

fuzzybabybunny

Moderator<br>Digital & Video Cameras
Moderator
I'm setting up a work machine for the first time and I don't want anyone to have access to even view certain folder contents, much less be able to copy it to a thumb drive or whatever.

I'd like to prevent the drive from being cloned.

Any way I can do this?
 
Last edited:
You can't prevent the drive from being cloned, not even encryption. If the data is that sensitive use something like terminal services or Citrix.
 
If they have physical access, not much you can do. However; modern encryption methods would make the data unusable.

What are you trying to protect? I have found the overhead and risk of loss of data > than the security this offers for most of the people that really aren't doing mission-critical work on their machines.
 
What folders are you trying to protect? You may be able to use user rights to prevent non-Administrator users from having access to those folders. Make sure the Administrator account has a secure password.

Set your BIOS to only boot from the hard drive, and password protect the BIOS. Put a small padlock on the case to keep someone from opening it. That should keep it secure from all but someone breaking into the case to reset the BIOS.
 
Security is best done in layers. You can lock up the equipment in a vault so no one can access it. It then becomes less useful. So, you accept some risk and password and/or biometrically protect the system from being turned on. You can use a mobile rack and remove your HDD. You can use encryption. You can use combos of things - but all are really compromises. Always bear in mind that given enough time, money, and resources, there is nothing that cannot be accessed.

The basic key is access. If a drive cannot be accessed, it cannot be cloned. If I have a laptop, I can take it with me or lock it in a safe. That really limits access by "the profane."
 
Last edited:
Between this and your other thread, it seems to me you should be looking into a server or NAS to store any sensitive files you want protected. It appears you have a single computer that other people will be using, but you don't want them to copy/read some of your sensitive files, yet you still need them to work with them to some extent.

In short, with physical access to the computer/drive the files reside on, you cannot be sure that one of your employees will not copy or destroy some of them.

You can purchase pretty good SOHO level NAS for < $500.

http://www.synology.com/enu/products/index.php

The DS211j supports 2 drives in RAID 1, and costs ~$200. A couple of 2TB HDD's would be another $150-$200.
 
Last edited:
Encrypting can't stop access. (Access in the security world is physical contact or proximity.) But it can delay the accessor. The amount of delay relates to the degree of encryption.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top