To address the "encrypting the data going to the server" you can use rdp, so no data is ever written to the client device, the workstation boots then they click on the rdp shortcut and work from within-
Jean-Paul Natola > Date: Fri, 17 Jan 2014 17:21:47 +0100 > From: [email protected] > To: [email protected] > Subject: Re: [NTSysADM] RE: encrypting Server 2008 R2 virtual disk > > Hi, > > If you make just an encrypted partition (or image file), then Windows > will leak unencrypted data to temp files and swap space. > > If you encrypt the whole system, then somebody must enter the password > on each boot. Fine if it's sitting on my desk, but bad if it's in a rack > somewhere else, or even a virtual machine with no console attached. > > You should use whole hard disk encryption on the clients (to make temp > and swap encrypted). In addition you must make sure that the data is > also encrypted when it goes to the server. But you cannot mount one > truecrypt partition on the server from several clients at once, only one > user at a time, otherwise its contents will be garbled. > > > Klaus > >
