GCN Lab Review | PGP's disk encryption is an easy way to secure data, especially for mobile devices
- By Michelle S. Haase
- Aug 03, 2007
QUICK CLICK: To use PGP encryption, click the disk icon in the main window, create a user name and passphrase, and click the Encrypt button at the upper right.
No one any longer questions the importance of data encryption, especially after last year's infamous theft of the laptop PC containing sensitive Veterans Affairs Department data. That incident showed that policies alone, such as forbidding employees to bring computers home, don't work. Some people will fail to follow them and enforcement is difficult if not impossible.
That's why encrypting sensitive data is the way to go. If an encrypted laptop or USB flash drive falls into the wrong hands, it will be useless because the data is inaccessible without a password. The key, however, is to balance security with convenience. If the encryption and decryption process requires several extra steps and takes too much time, people won't want to use it.
PGP Whole Disk Encryption Version 9.6 does a great job at striking that balance. We reviewed the stand-alone version, which costs $149, but PGP also offers an enterprise version that can be used to manage deployment, set policies and conduct reporting.
The product can encrypt hard drives and external read/write drives such as USB flash and FireWire devices. The encryption includes system files, boot sectors and swap files. The boot sector is the area on the hard drive where the computer's boot sequence resides, and swap files are used to exchange data between a disk and memory if the data on the disk, such as an application, is too large to fit in the computer's memory all at once.
Encrypting a computer's boot sector enhances security because it means the system won't start to boot at all until you enter a password. There are no back doors through which a thief could gain access.
PGP uses the Advanced Encryption Standard 256-bit encryption algorithm, the highest level of AES encryption available and approved by the government for use with top-secret information.
A significant new feature in this version is single sign-on capability; users need enter only one password to authenticate to both PGP Whole Disk Encryption and Microsoft Windows. The PGP software does not modify or replace the existing Windows sign-on code.
PGP Virtual Disks that self-expand are also new. These virtual disks act like additional volumes on the system, and they can be locked even while you're using the computer. In fact, the virtual disk is not even visible unless you mount it through PGP's interface and enter the password. This feature is especially useful for a shared computer because users can keep their data private from each other.
A virtual disk that self-expands will automatically grow to accommodate increases in data size. Normally you have to define a static size for virtual disks, which is a balancing act because the disk should be large enough to accommodate your data yet not so large that it wastes space.
Partition-based encryption is another useful new feature in Version 9.6. Some hard drives are divided into partitions so they can run multiple operating systems or safely store recovery files. Version 9.6 allows you to encrypt one or more partitions separately.
We were impressed with PGP's simple interface, which is easy enough for a complete novice to use.
Our 40G hard drive took a little more than an hour to encrypt, and we experienced no noticeable performance lag, even when watching video files.
Gone are the days when users were held hostage by the encryption process, unable to touch or shut down the computer. With PGP Whole Disk Encryption, you can pause the process at any time and resume it whenever you like. You can even shut down the computer and resume encryption after you turn it back on.
If you do shut down, make sure you do so properly, because a sudden power loss during encryption could corrupt the drive. If there's any chance you could lose power from, say, a power failure or a cord accidentally disconnecting, you should use PGP's new power failure safeguard feature, which keeps a journal of the encryption so it can be safely and accurately resumed when power is restored. That's also useful when encrypting USB flash drives because you can remove the drive during the process.
We were glad to see that PGP lets users choose long passphrases rather than a single password, although a single password can be used if desired. The passphrase can be as long as 255 characters, including spaces.
PGP includes a feature we loved: a 'passphrase quality' bar that grades the security of your passphrase. The more secure the passphrase, the longer the bar becomes. It works by comparing the amount of randomness in the passphrase against a true 128-bit random string, which contains the same amount of randomness as an AES 128-bit key.
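The comparison against a 128-bit reference can be sketched as follows. This is an added example, not PGP's code, and the review does not describe PGP's actual estimator. The two scoring models (characters drawn at random from the classes present, or words drawn at random from an assumed 7776-word list) and all function names are assumptions.

```python
import math
import string

TARGET_BITS = 128  # reference from the review: a true 128-bit random string
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")

def pool_size(passphrase):
    """Alphabet size implied by the character classes that appear."""
    size = sum(len(cls) for cls in CLASSES if any(c in cls for c in passphrase))
    # Anything outside printable ASCII: count each distinct character once.
    others = {c for c in passphrase if not any(c in cls for cls in CLASSES)}
    return size + len(others)

def estimate_bits(passphrase, wordlist_size=7776):
    """Estimated entropy in bits under the two assumed models."""
    if not passphrase:
        return 0.0
    char_bits = len(passphrase) * math.log2(pool_size(passphrase))
    words = passphrase.split()
    if words and all(w.isalpha() for w in words):
        # Purely alphabetic tokens: assume dictionary words, not random letters,
        # so the per-character model would overrate the passphrase.
        return min(char_bits, len(words) * math.log2(wordlist_size))
    return char_bits

def quality(passphrase):
    """Fraction of the 128-bit reference reached, capped at 1.0."""
    return min(1.0, estimate_bits(passphrase) / TARGET_BITS)

def bar(passphrase, width=32):
    """Text rendering of the quality bar: longer means closer to 128 bits."""
    filled = int(quality(passphrase) * width)
    return "#" * filled + "-" * (width - filled)

def units_for_target(choices):
    """Random picks from `choices` options needed to reach the reference."""
    return math.ceil(TARGET_BITS / math.log2(choices))

if __name__ == "__main__":
    # Constructed sample passphrases, for illustration only.
    for sample in ("password", "correct horse battery staple",
                   "k7#Qz!m2Xp@9vL$4wR&e"):
        print(f"{bar(sample)} {estimate_bits(sample):6.1f} bits  {sample!r}")
    print(units_for_target(95), "random printable-ASCII characters")
    print(units_for_target(7776), "random words from a 7776-word list")
```

Both models assume the passphrase was generated at random; a phrase a person picked from memory or a quotation carries less randomness than either estimate suggests.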
Another issue PGP tackles nicely is deletion. Most people know by now that deleting a file doesn't really make it go away. PGP includes a feature called PGP Shredder. The name is apt: If deletion is comparable to throwing something into a trash can, where anyone can later retrieve it, this feature is like a shredder that renders the data unrecoverable. It's also a snap to use because the software creates a Shredder desktop icon into which you simply drag and drop files, just like the Windows recycle bin.
The file shredding feature is great for files users know about, but applications and operating systems also create and delete files without users' knowledge. PGP comes to the rescue again with its Shred Free Space feature, which cleans all the space on a hard drive that does not contain file data.
All computers containing sensitive data, especially mobile devices, should have an encryption program. PGP Whole Disk Encryption is an excellent and affordable choice.