It's 10 p.m. Do You Know Where Your Laptop Is?

There's one unfortunate but unavoidable reality of owning a laptop: It could easily be stolen. The very characteristics that make laptops most useful--size, weight and portability--render them easy targets.

By some estimates, as many as 90 percent of businesses have had at least one laptop stolen in the past year. And not even the most security-conscious organizations are immune. In a February 2007 audit, the U.S. Department of Justice reported that 44 laptops were stolen from the Federal Bureau of Investigation over the past 4 years, up nearly 40 percent from an audit in 2002.

The most obvious costs of laptop theft--hardware replacement and data recovery--can prove almost insignificant in comparison to the security breach that theft may cause.

Slide Show: 6 Full-Disk Encryption Products
That Have Your Laptop's Back

Enter full-disk encryption software, which encrypts all data stored on the hard drive, including the boot partition and system files. Without a working password, a thief will find the drive both indecipherable and unbootable.

Full-disk encryption has a number of advantages over more traditional encryption that focuses on specific files or directories. It requires minimal user interaction or interface changes; once the OS has launched, the encryption software typically remains transparent to the user, thus minimizing user frustration and workflow disruption. Similarly, full-disk encryption provides a higher level of security by denying the user the option of saving unencrypted data. Full-disk encryption also encrypts sensitive data in system files that other encryption methods can't touch without interfering with the host operating system.

The mechanics of full-disk encryption are fairly straightforward, if not simple. Initial deployment includes sector-by-sector encryption of the hard drive and installation of a stripped-down custom OS known as the "preboot environment." Once operational, the preboot environment can use any authorized authentication credential to decrypt a master key created for that specific drive, and then use that key to decrypt the drive itself. Once decrypted, the OS boots, and the user proceeds as usual.

A Boom Market
Demand for full-disk encryption has skyrocketed over the past 18 months. According to Rob Eggebrecht, senior partner at BEW Global, a Pointsec reseller, "It's been a land grab out there lately. People don't need to be sold on this; they're out there looking. A lot of them go with the first company to offer a solution."

"This year's been big," adds Brent Smith, president of ANIDirect, a PGP solution provider. "Whole-disk encryption projects have doubled in the last 12 months, and more than half of those didn't have existing PGP installs. At this point, [full-disk encryption] accounts for maybe 10 percent of my business."

Not surprisingly, most of the recent demand has come from the high end of the security market: government agencies and large enterprises in verticals with heightened security concerns.

"Our first adopters were aerospace and defense manufacturers, followed by financial services and health care," says Joseph Hoban, vice president of global channel sales at encryption vendor GuardianEdge Technologies. "State and federal government offices are starting to pick up now."

Adds Smith: "There's a need in every organization, but we're seeing the fastest growth in financial services, health care and manufacturers with intellectual property issues."

Others, too, are reporting that the demand for full-disk encryption is fanning out, especially among small and midsize organizations. "Some are just doing research, some are acting on a directive to deploy this year, but everyone's looking at [the technology]," says Brian Vermillion, director of security at Plan B Technologies. "Even when we're talking about something else, ears definitely perk up when we mention it."

NEXT: What's driving the market for full-disk encryption.