I'm hoping I can get some advice re removable media encryption solutions.

I've been doing a bit of reading, and I'm puzzled as to how these solutions work. If I want to find a solution that protects data at rest on flash drives and USB hard drives, what are my options? If the drive is encrypted, and the key is associated with a given computer, how does a user move the removable media from one device to another?

That is, if I encrypt a thumb drive and take the drive somewhere else to do some work, how do these solutions work? Do they have some auto-run app on the drive that prompts me to enter a password to unlock the drive? Does the app get installed when I first plug the removable media into an encrypted drive?

I'm pretty clear on 'encryption 101' - I'm just curious how removable media encryption works when the encryption / decryption application itself might now reside on the host computer into which the removable media might be plugged.

If someone could shine some light on how these solutions work in the real world it would be much appreciated. Thanks.

With something like TrueCrypt, really the only one I'm familiar with, you'd just install the application on the removable media.

I believe the commercially-available thumbdrives, for example, work in a similar fashion. The encryption software automatically runs when you plug the drive in, and then a separate unencrypted volume gets mounted.

For the encryption on my external drive, the drive shows up as a CD player when I plug it in. There's a .exe file named Unlock. Launching it pops up a window with a box for a password. Once I provide the correct password, a new drive letter appears giving me access to the drive.

TrueCrypt is the only one I use and trust.

I like Ironkey for removable drives. Too many failed password tries and it self restricts.

What is the name of your encryption software? Or is it built into your external drive?

IronKey has sold its USB-based security hardware business to Imation. So I predict that quality will plummet and price will increase. They are honestly way overpriced as is...

I'd rather stick to truecrypt, I control it, I set encryption lvls, key strengths, cypher types, container size/s. It is transparent, unless you know what you are looking for you'd never something was "truecrypt'd"
Security threw obscurity is still a good practice.

Thanks. If you plug a new thumb drive into your computer, does it automatically get provisioned with the encryption software, or do you have to do that yourself?

What if there are already files on the removeable media - i.e. if you borrow a friend's thumb drive and then plug it in, what happens?

I think you meant that security through obscurity is never a good practice.

It came with the hard drive and is on the hard drive, so it travels with it. The program is Western Digital SmartWare. Since the encryption program is not on my computer, it has no effect on other external media.

I'm not sure what provisioning means, but all the examples we're talking about here, the encryption software resides on the external media (thumbdrive, portable hard drive, makes no difference...)

Any thumb drive discussed so far can get plugged into any computer. I'm not sure what the issue is of whether there are already files on it (there would be, of course -- the encryption software).

I've always configured my TrueCrypt USB drives to be "innocuous" to anyone who might steal a thumb drive and put it in their computer. With this option, the drive shows up to them as unformatted and asks, "would you like to format the drive now?" If they format, it destroys all my encrypted data - but of course I have it backed up in other places, and there's no way they get hold of it.

I like IronKey, but I'll be the first to admit, it's overkill for most personal use. But they are extremely secure!

I rely on truecrypt for whole disk encryption and removable hds