BestCrypt Volume Encryption software provides transparent encryption of all the data stored on fixed and removable disk devices.
BestCrypt Volume Encryption
software opens a new class of Volume Encryption products. With the
software users can encrypt old MS-DOS style disk partitions as well as
modern volumes residing on a number of physical disk devices, for
example Spanned, Striped, Mirrored or RAID-5 volumes.
Main Features:
Encrypts all types of volumes residing on fixed and removable disks:
Simple volume, i.e. volume consisting of one disk partition.
Mount point - volume mounted as a sub-folder on NTFS-formatted volume.
Multipartition volume, i.e. volume consisting of several disk partitions:
Spanned volumes;
Mirrored volumes;
Striped volumes;
RAID-5 volumes.
BestCrypt Volume Encryption allows encrypting data with many
strong encryption algorithms. Every algorithm is implemented with the
largest possible key size defined in the algorithm's specification:
AES (Rijndael) - 256-bit key.
RC6 - 256-bit key.
Serpent - 256-bit key.
Twofish - 256-bit key.
BestCrypt Volume Encryption utilizes XTS Encryption Mode with
all encryption algorithms listed above. XTS Mode is specially designed
for applications working on disk sector level and more secure than
other popular modes used earlier, like LRW or CBC mode.
BestCrypt Volume Encryption can encrypt volumes where Windows boots
from, as well as the volume where Windows stores its system files
(including Registry, Page file and Hibernate file). Initial encryption
is transparent both for running applications and for Windows system
modules.
BestCrypt Volume Encryption performs Computer Pre-Boot
Authentication if system or boot volume/partition is encrypted. It
means that BestCrypt Volume Encryption loads before operating system
and allows computer to boot only after entering a proper password.
BestCrypt Volume Encryption provides an easy way to customize
Pre-Boot Authentication texts appeared when the user is required to
enter password. The feature allows displaying additional hints when the
user is being prompted to enter a password and even hide the fact that
pre-boot authentication is running.
BestCrypt Volume Encryption supports hardware tokens Aladdin
eToken R2 and PRO as a secure hardware storage for encryption keys.
With hardware token users get two levels of protection for encrypted
data, because in addition to password it is necessary to connect small
hardware token where encryption key is stored.
BestCrypt Volume Encryption provides Secure Hibernating. If user
encrypts volume where Windows stores Hibernate File, BestCrypt Volume
Encryption encrypts all write operations when Windows goes into
Hibernate state and decrypts read operations when the computer wakes up
from Hibernate state. Since pre-boot authentication is necessary at
wake-up time, only the user who knows the proper password (and has
hardware token, if used) can run computer from Hibernate mode. Secure
Hibernating is a functionality that must be implemented in such
software as BestCrypt Volume Encryption, otherwise all data written at
Hibernate time (together with encryption keys) appears on disk in
opened decrypted form.
As well as Hibernate File, BestCrypt Volume Encryption encrypts Windows
Crash Dump Files. Windows writes files in a very special way, because
when a crash occurs, regular disk write operations cannot be used.
Without encrypting Crash Dump Files the security level of the software
were significantly lower, because the files can store a snapshot of
memory together with encryption keys on disk in opened decrypted form.
BestCrypt Volume Encryption supports a number of rescue functions allowing users to decrypt volumes if a serious disk crash occurs.
BestCrypt Volume Encryption Plugin for BartPE bootable CD/DVD is
available. The user can boot computer with encrypted volume using the
bootable CD/DVD and run BestCrypt Volume Encryption commands directly
from the CD/DVD. The functionality can be extremely useful for various
recovering purposes.
Besides of the functionality that must be in such kind of software,
BestCrypt Volume Encryption cares about convenience in using the
software:
If some folders on encrypted volume are shared for network access,
BestCrypt Volume Encryption will automatically restore the shares when
the user mounts the volume. The software stores information about
shared folders in encrypted form.
BestCrypt Volume Encryption allows optional mounting not system
volumes automatically before computer starts loading operating system
("Mount at Boot Time" option).
The software allows per-user setting for mounting not system volumes when the user logs on ("Mount at Logon" option).
The software has an option to hide drive letters for volumes that are
not mounted. The option allows avoiding accidental formatting not
mounted encrypted volumes.
BestCrypt Volume Encryption can display contents of physical
sectors, relatively to physical disk or logical volume. The sectors'
data can be saved to file or restored from file.