Risk
7/15/2010
12:43 PM
50%
50%

Casper Speeds Backup Cloning Of PGP Encrypted Drives

Version 2.0 works with Windows 7, PGP Whole Disk Encryption version 10 and can create browsable, bootable encrypted backups.

Encrypting data on desktop and notebook computers, especially those outside of the office, isn't just a good idea, it should be the default. That's especially true given the ever-growing number of government and industry mandates regarding protection of sensitive information, the fines for leaving such information "exposed" even if no actual harm results, and the continual stream of lost, stolen, strayed or compromised notebooks and desktop computers.

But encrypting the drive, for example with Windows BitLocker, TrueCrypt, or PGP Whole Disk Encryption doesn't automatically encrypt any local backups you make to a USB external hard drive, or to a second drive in a laptop media bay. Using an encrypted hard drive, or encrypting the backup once it's made would protect it... but how many users in small-to-midsized businesses know to do this, and consistently will?

For Windows hard drives (or portions of) encrypted with PGP Whole Disk Encryption, Future Systems Solutions has just made doing encrypted backups even quicker and easier, with the release version 2.0 of its Casper Secure Drive Backup software. Casper Secure Drive Backup "clones" -- creates a completely encrypted copy of Windows system hard disk that is protected with PGP Whole Disk Encryption, including the operating system, applications, settings, and all your data. The software works from Windows, avoiding the need to stop using or restart the computer.

According to Marty Rubenstein, Product Manager, Future Systems Solutions, Casper Secure Drive Backup is the only product currently available that can create a one-step clone of a PGP Whole Disk encrypted drive from within Windows while maintaining the data in its original encrypted state.

The cloned encrypted image is not a single-file archive, emphasizes Rubenstein; the drive is immediately usable, e.g., it can be browsed and accessed through Windows Explorer, from -- assuming the user has the PGP key -- any computer. The drive can also be used as replacement bootable drive. If the system is new enough, you can even boot the copy from an external USB drive.

Beth Cohen, President of Luth Computer Specialists, an IT services consultancy, says, "This approach is useful for people who are encrypting their desktop or notebook, and are doing local backups."

Other uses for Casper Secure Drive Backup, according to the company, include enabling a user to move a PGP Whole Disk Encrypted system to a larger-capacity hard drive and having access to the full capacity of the new drive, or from a hard drive to a solid-state drive -- in all cases, without having to gothrough the decrypt/encrypt process required by other cloning approaches.

Even enterprises using PGP Whole Disk Encryption, who do network backup, may find Casper Secure Drive Backup useful for providing stand-alone backup and recovery.

Improvements and new features in Casper Secure Drive Backup 2.0, according to Rubenstein, include:

  • Support for PGP Desktop 10, "which was a significant upgrade to previous version,"
  • Support for Windows 7
  • Up to 50x faster operation, thanks to Future Systems' SmartClone Plus technology, which modifies the original cloned backup versus creating a full new one,
  • Support for solid-state drives (SSDs)
  • New features including enhanced backup scheduling.

Casper Secure Drive Backup 2.0 can, according to Rubenstein, also backup to, and restore from, flash drives, if the drive is initialized like a hard drive rather than like a super-floppy -- although, Rubenstein notes, "We do not yet officially support backing up to flash drives." (Flash drives that are factory-initialized like super-floppies or with a hybrid CD/super-floppy design can be re-initialized to appear like hard drives, at which point Casper can recognize and utilize them, Rubenstein notes.)

Casper Secure Drive Backup 2.0 for PGP Whole Disk Encryption supports all versions of Windows 7, Windows Vista, Windows XP, and Windows 2000. A single-system licenses is $89.95 (volume discounts available); registered users of version 1 can upgrade for $44.95, and anyone who bought version 1.0 after March 31, 2010 can upgrade at no cost.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8142
Published: 2014-12-20
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys w...

CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.