Comprehensive security for a solo practitioner start-up with website
Applies To: Windows | Windows 7 | Security, Privacy, and User Accounts

I asked a question yesterday and the answer was so good and so fast that I thought I would lay out my whole security problem and see if I can get some comprehensive help or at least useful piecemeal advice. I am a solo practitioner starting a business as a consultant to small banks. I would like to offer my clients data security as part of their service. I am not a privacy nut, but I care. I also think I have an obligation to keep sensitive client information private. I also think it is good marketing for a solo practitioner to demonstrate that he is up to corporate standards. I am on a strict budget, but I have a little room for things I care about.

In evaluating my needs I have isolated the following factors: Please keep in mind that I am a finance guy and not a techie. By long experience I have learned that I come up to speed with new technology slowly. Nevertheless I have taken a couple of weeks off and upgraded to new computers, Windows 7, Office 2010, a smartphone, building a website that is not horrendously ugly etc.

Website security: my current website provider is Intuit (although that could change depending on your recommendation - they are not cheap). In other businesses Intuit handles lots of sensitive data, so I assume their website security is adequate. This is low priority for me because nothing is on my website except email that is not fit for public consumption. If it is hacked, we should be able to replace the whole website from back-up in a reasonable amount of time.

Secure email: This is tough and I have had no real success with it. If I am going to offer it to clients it must be unusually easy to send and receive. I am not a techie and neither are my clients; a complex solution that only works part of the time is worse than none.
PGP has secure email, but they open with the fact that 12 out of 12 Carnegie Mellon undergraduates who took a tutorial and then tried to use it - all of them failed. Google has it, but it is restricted to companies of 100 or more. There is GNU Privacy Guard, Mozilla Thunderbird with Enigmail (free is good). Zix Corp is interesting but way too expensive. FiLink sells Zixcorp technology, but is much cheaper for small users; the minimum size is five licenses at 599. I wrote the sales manager a sob note and he reduced the price to 399 first year, $249 for renewal. There is an English company called Egress for 72 pounds per year and McAfee has a product for corporate users that is affordable if they sell it one license at a time.

So far I have had no luck finding a comprehensive review of secure/encrypted email providers that would help me evaluate what they offer versus what they cost. My highest priority here is a good experience for my customer; I can't afford for them to resent secure email. My second priority is reasonable cost. And I MUST be able to put the email address on my website and have email security 1000% removed from website security. Note, most of the secure/encrypted email products I have seen start with an outgoing email; it would be a small improvement if the first email was secure when a customer or prospect clicked secure@MyCompany.

To tell the truth, I am not that sensitive about the quality of the encryption. The super bad guys will always find a way. If I can keep out the idly curious and the everyday malfeasors I will be content.

Secure computers and smartphone are next. I have found two parts: internet connections and hard drives. For internet connections and smart phones there seem to be lots of good choices. PC Mag likes Norton and McAfee; the European test centers favor Bitdefender and Kaspersky. On balance all of them seem good.
My new internet provider is Comcast and Norton comes for free with that, so for $29 I can add their smartphone security and that seems the cheapest option.

For back-up I intend to link the laptop to the desktop and back up from one to the other in realtime for onsite backup. I also want to back up in realtime to the cloud. PC Mag recommends SOS and they are affordable. But everyone is in this business. Any recommendations?

Yesterday I wrote at length about my problems getting BitLocker to work with my two brand new Toshiba computers. One is an all in one desktop DX735 $900 and the other is a Portege R835-p83 $800. Neither of them has a TPM module. Models that do have TPM seem to cost around $300 more. $300 X 2 plus Windows 7 Ultimate $140 X2 = $880 for an encrypted hard drive. That hurts.

Norton whole disk encryption has good reviews at $150 and I am already using other Norton products (I love having only one place to go when stuff goes wrong). The problem is that it is $150 every year for tech support. I am already paying up for Microsoft premium tech support and paying even more to support one little piece of software grinds a little.

TrueCrypt is free, but everything I read about it says you have to be a techie to use it. With a little more work I have discovered that hard disk encryption is a great big subject all by itself. There are over 20 companies producing software, some of them for free. I want something comprehensive and easy to use. I might not be right, but I think that means complete disk encryption, which narrows things down a little. Any complex procedure for managing the encrypted and unencrypted portion of your drive is an automatic loser. At some point I always get clumsy, sloppy, distracted or tired.

Which brings me around to Bitdefender Sphere. For $100 per year I can have strong internet security for every computer in the house, strong security for every smartphone in the house AND HARD DRIVE ENCRYPTION.
I have been searching for over an hour to find out if Bitdefender encryption 1) is any good, 2) is user friendly, 3) will encrypt a whole drive easily, 4) is compatible with someone like me who has below average tech skills. Bitdefender would have the advantage of being a single source for most of my security needs with tech support included in the subscription price. Does anyone have real experience with Bitdefender? Is it a responsible choice for a newbie? Does the encryption require TPM? Are there other disk encryption options I should be considering? I have read that Bitdefender does not play well with other security software including simple stuff like Malwarebytes. Does anyone know if that is a serious problem? If Bitdefender fails will it prohibit other security software that might fix the problem?

Upon further research McAfee also has disk encryption in its suite and has the advantage of a possible secure/encrypted email. PC Magazine recommends the suite but even they concede the virus protection is second rate and the cure function is also nothing to brag about. (I dream of a suite that is really good at at least one of these things.)

If I have website, email, smartphone, backup, and computer security (internet and disk) am I done? Is there anything else? I have looked at hardware firewalls: some are as cheap as $300, but I don't know what they will add or how much I will suffer to start them up and maintain them. There also are additional software firewalls, but I do not know their pros and cons and am very concerned about how they will work alongside Norton or Bitdefender.

As you can see, I have put some time and effort into this; actually a lot more than I would like. I am a businessman not a techie and I want to put something together that a businessman can maintain in a very reasonable amount of time. I don't mind putting some time and effort into the process up front and even a few dollars, but then it needs to work.
You guys have been great so far, thanks for all your help.
March 12th, 2012 1:53am

Hi,

You are concerned about disk encryption and real-time backup. Actually, Windows has a built-in BitLocker Drive Encryption feature. You have paid more attention to the security software; I think a thorough and well-rounded security policy is important for a company. For example, firewall policies, router policies, switch policies, client access policies and wireless network policies, as well as USB external device security policies. Besides, you need an email firewall. I think an automatic backup feature is built into lots of email systems.

You want to back up laptops and desktops in real time to the cloud. I suggest you run Windows Hyper-V to achieve it. Windows Hyper-V can help you to manage the network and clients. Virtualization technology can help you run lots of clients without physical machines. All the data is stored on the servers; you just need to protect the servers from attack.

These are just the things I have thought of; I hope that helps. If you have further questions, please let us know.
March 25th, 2012 5:09am

This topic is archived. No further replies will be accepted.
