Risk
7/15/2010
12:43 PM
50%
50%

Casper Speeds Backup Cloning Of PGP Encrypted Drives

Version 2.0 works with Windows 7, PGP Whole Disk Encryption version 10 and can create browsable, bootable encrypted backups.

Encrypting data on desktop and notebook computers, especially those outside of the office, isn't just a good idea, it should be the default. That's especially true given the ever-growing number of government and industry mandates regarding protection of sensitive information, the fines for leaving such information "exposed" even if no actual harm results, and the continual stream of lost, stolen, strayed or compromised notebooks and desktop computers.

But encrypting the drive, for example with Windows BitLocker, TrueCrypt, or PGP Whole Disk Encryption doesn't automatically encrypt any local backups you make to a USB external hard drive, or to a second drive in a laptop media bay. Using an encrypted hard drive, or encrypting the backup once it's made would protect it... but how many users in small-to-midsized businesses know to do this, and consistently will?

For Windows hard drives (or portions of) encrypted with PGP Whole Disk Encryption, Future Systems Solutions has just made doing encrypted backups even quicker and easier, with the release version 2.0 of its Casper Secure Drive Backup software. Casper Secure Drive Backup "clones" -- creates a completely encrypted copy of Windows system hard disk that is protected with PGP Whole Disk Encryption, including the operating system, applications, settings, and all your data. The software works from Windows, avoiding the need to stop using or restart the computer.

According to Marty Rubenstein, Product Manager, Future Systems Solutions, Casper Secure Drive Backup is the only product currently available that can create a one-step clone of a PGP Whole Disk encrypted drive from within Windows while maintaining the data in its original encrypted state.

The cloned encrypted image is not a single-file archive, emphasizes Rubenstein; the drive is immediately usable, e.g., it can be browsed and accessed through Windows Explorer, from -- assuming the user has the PGP key -- any computer. The drive can also be used as replacement bootable drive. If the system is new enough, you can even boot the copy from an external USB drive.

Beth Cohen, President of Luth Computer Specialists, an IT services consultancy, says, "This approach is useful for people who are encrypting their desktop or notebook, and are doing local backups."

Other uses for Casper Secure Drive Backup, according to the company, include enabling a user to move a PGP Whole Disk Encrypted system to a larger-capacity hard drive and having access to the full capacity of the new drive, or from a hard drive to a solid-state drive -- in all cases, without having to gothrough the decrypt/encrypt process required by other cloning approaches.

Even enterprises using PGP Whole Disk Encryption, who do network backup, may find Casper Secure Drive Backup useful for providing stand-alone backup and recovery.

Improvements and new features in Casper Secure Drive Backup 2.0, according to Rubenstein, include:

  • Support for PGP Desktop 10, "which was a significant upgrade to previous version,"
  • Support for Windows 7
  • Up to 50x faster operation, thanks to Future Systems' SmartClone Plus technology, which modifies the original cloned backup versus creating a full new one,
  • Support for solid-state drives (SSDs)
  • New features including enhanced backup scheduling.

Casper Secure Drive Backup 2.0 can, according to Rubenstein, also backup to, and restore from, flash drives, if the drive is initialized like a hard drive rather than like a super-floppy -- although, Rubenstein notes, "We do not yet officially support backing up to flash drives." (Flash drives that are factory-initialized like super-floppies or with a hybrid CD/super-floppy design can be re-initialized to appear like hard drives, at which point Casper can recognize and utilize them, Rubenstein notes.)

Casper Secure Drive Backup 2.0 for PGP Whole Disk Encryption supports all versions of Windows 7, Windows Vista, Windows XP, and Windows 2000. A single-system licenses is $89.95 (volume discounts available); registered users of version 1 can upgrade for $44.95, and anyone who bought version 1.0 after March 31, 2010 can upgrade at no cost.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-4632
Published: 2015-01-31
VMware vSphere Data Protection (VDP) 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 does not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-the-middle attackers to spoof servers, and bypass intended backup and restore access restrictions, via a crafted certifica...

CVE-2014-7287
Published: 2015-01-31
The key-management component in Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allows remote attackers to trigger unintended content in outbound e-mail messages via a crafted key UID value in an inbound e-mail message, as demonstrated by the outbound Subject header.

CVE-2014-7288
Published: 2015-01-31
Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action.

CVE-2014-8266
Published: 2015-01-31
Multiple cross-site scripting (XSS) vulnerabilities in the note-creation page in QPR Portal 2014.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) body field.

CVE-2014-8267
Published: 2015-01-31
Cross-site scripting (XSS) vulnerability in QPR Portal 2014.1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the RID parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
If you’re a security professional, you’ve probably been asked many questions about the December attack on Sony. On Jan. 21 at 1pm eastern, you can join a special, one-hour Dark Reading Radio discussion devoted to the Sony hack and the issues that may arise from it.