The proliferation of laptop computers has made it more important than ever to protect the data on a hard drive from theft. For example, if a laptop is stolen, the contents of the hard drive are extremely vulnerable, even if steps are taken to protect the data. Considering that many corporate and government employees routinely take their laptops home, the contents may contain extremely valuable and sensitive information, which an unauthorized user or a thief may be willing to go to significant lengths to extract.
One technique for protecting the data on a hard drive is a password-locked hard drive. In this case, a software routine allows access to the data only if the proper user code and password are entered. While this may provide some measure of protection, a moderately computer savvy thief can easily recover the contents of the hard drive that are stored without encryption. For example, the thief may read the contents of the hard drive by either physically removing the hard drive and attaching it to another host computer or by using specialized disk recovery equipment. In this fashion, the contents may be dumped sector by sector and read without the password.
Another technique to protect data on a hard drive is an operating system encrypting selected files to be stored to the hard drive. In this case, files are encrypted on a file-by-file basis. For example, the operating system may have an option that prompts the user to encrypt files. However, the user may decide to leave the encryption option off because it may be too time consuming or inconvenient. Moreover, when the user does turn on the encryption option, the user may choose not to encrypt some files that should be. Hence, much of the data is vulnerable and this option relies too heavily on user interaction.
Furthermore, it may be impossible to use the operating system encryption option for some types of files and/or applications. Examples of files for which this encryption may be unavailable are compressed files, memory mapped files, swap files, and garbage files. For example, the hard drive may receive a temporary file that is not encryptable by this method. Therefore, the operating system encryption option is unusable with certain types of files and data connected to certain applications.
Additionally, the operating system encryption option may consume substantial central processor unit (CPU) time (e.g., 25% of CPU utilization) during encryption and decryption. Thus, this method severely impacts system performance.
Therefore, it would be advantageous to provide a way to protect data on a hard drive. It would also be advantageous to protect data on a hard drive via a method that is not vulnerable to theft by simply bypassing a password. It would also be advantageous to protect data on a hard drive via a method that does not require the user to painstakingly encrypt files on a file-by-file basis. It would also be advantageous to protect all types of files stored on a hard drive and data connected with any application. Furthermore, it would be advantageous to protect data on a hard drive without impacting system performance or relying too heavily on user interaction.