Risk
7/15/2010
12:43 PM
50%
50%

Casper Speeds Backup Cloning Of PGP Encrypted Drives

Version 2.0 works with Windows 7, PGP Whole Disk Encryption version 10 and can create browsable, bootable encrypted backups.

Encrypting data on desktop and notebook computers, especially those outside of the office, isn't just a good idea, it should be the default. That's especially true given the ever-growing number of government and industry mandates regarding protection of sensitive information, the fines for leaving such information "exposed" even if no actual harm results, and the continual stream of lost, stolen, strayed or compromised notebooks and desktop computers.

But encrypting the drive, for example with Windows BitLocker, TrueCrypt, or PGP Whole Disk Encryption doesn't automatically encrypt any local backups you make to a USB external hard drive, or to a second drive in a laptop media bay. Using an encrypted hard drive, or encrypting the backup once it's made would protect it... but how many users in small-to-midsized businesses know to do this, and consistently will?

For Windows hard drives (or portions of) encrypted with PGP Whole Disk Encryption, Future Systems Solutions has just made doing encrypted backups even quicker and easier, with the release version 2.0 of its Casper Secure Drive Backup software. Casper Secure Drive Backup "clones" -- creates a completely encrypted copy of Windows system hard disk that is protected with PGP Whole Disk Encryption, including the operating system, applications, settings, and all your data. The software works from Windows, avoiding the need to stop using or restart the computer.

According to Marty Rubenstein, Product Manager, Future Systems Solutions, Casper Secure Drive Backup is the only product currently available that can create a one-step clone of a PGP Whole Disk encrypted drive from within Windows while maintaining the data in its original encrypted state.

The cloned encrypted image is not a single-file archive, emphasizes Rubenstein; the drive is immediately usable, e.g., it can be browsed and accessed through Windows Explorer, from -- assuming the user has the PGP key -- any computer. The drive can also be used as replacement bootable drive. If the system is new enough, you can even boot the copy from an external USB drive.

Beth Cohen, President of Luth Computer Specialists, an IT services consultancy, says, "This approach is useful for people who are encrypting their desktop or notebook, and are doing local backups."

Other uses for Casper Secure Drive Backup, according to the company, include enabling a user to move a PGP Whole Disk Encrypted system to a larger-capacity hard drive and having access to the full capacity of the new drive, or from a hard drive to a solid-state drive -- in all cases, without having to gothrough the decrypt/encrypt process required by other cloning approaches.

Even enterprises using PGP Whole Disk Encryption, who do network backup, may find Casper Secure Drive Backup useful for providing stand-alone backup and recovery.

Improvements and new features in Casper Secure Drive Backup 2.0, according to Rubenstein, include:

  • Support for PGP Desktop 10, "which was a significant upgrade to previous version,"
  • Support for Windows 7
  • Up to 50x faster operation, thanks to Future Systems' SmartClone Plus technology, which modifies the original cloned backup versus creating a full new one,
  • Support for solid-state drives (SSDs)
  • New features including enhanced backup scheduling.

Casper Secure Drive Backup 2.0 can, according to Rubenstein, also backup to, and restore from, flash drives, if the drive is initialized like a hard drive rather than like a super-floppy -- although, Rubenstein notes, "We do not yet officially support backing up to flash drives." (Flash drives that are factory-initialized like super-floppies or with a hybrid CD/super-floppy design can be re-initialized to appear like hard drives, at which point Casper can recognize and utilize them, Rubenstein notes.)

Casper Secure Drive Backup 2.0 for PGP Whole Disk Encryption supports all versions of Windows 7, Windows Vista, Windows XP, and Windows 2000. A single-system licenses is $89.95 (volume discounts available); registered users of version 1 can upgrade for $44.95, and anyone who bought version 1.0 after March 31, 2010 can upgrade at no cost.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, January 2015
To find and fix exploits aimed directly at your business, stop waiting for alerts and become a proactive hunter.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7402
Published: 2014-12-17
Multiple unspecified vulnerabilities in request.c in c-icap 0.2.x allow remote attackers to cause a denial of service (crash) via a crafted ICAP request.

CVE-2014-5437
Published: 2014-12-17
Multiple cross-site request forgery (CSRF) vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote management via a request to remote_management.php,...

CVE-2014-5438
Published: 2014-12-17
Cross-site scripting (XSS) vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computer_name parameter to connected_devices_computers_edit.php.

CVE-2014-7170
Published: 2014-12-17
Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service.

CVE-2014-7285
Published: 2014-12-17
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.