WinMagic Hard Disk Encryption - The most secure and versatile disk encryption software.

CORPORATE INFORMATION

	Corporate Information
	About WinMagic
	News and Events
	Press Reviews
	Product News
	Testimonials
	Awards & Certifications
	Careers at WinMagic
	Contact Us


	Corporate Info // Press Reviews Comparison Test - PC-Professionell (May 2, 2005) The German Magazine PC-Professionell has reviewed SecureDoc in its disk encryption product comparison. Time and time again, and also in this test, SecureDoc turns out to be one of the most reliable, feature-rich, secure and versatile full disk encryption solutions worldwide. In this particular test, which was very thorough and objective, we feel that some important disk encryption product features have been overlooked. In the article, it is stated that SecureDoc, which stores keys in a key file, is not as secure as other products that save keys in inaccessible, hidden locations. Although it is true that SecureDoc key files can be seen or accessed, this is not a security flaw at all. In fact, if we use the widely-used and widely-scrutinized encryption of email as a model, it is clear that SecureDoc follows the same basic principles. Standard email products such as Microsoft Outlook use files to contain the user's private key file, and open cryptographic standards such as PKCS #12 to help protect these key files even though they can be accessed. We do not consider a key file to be "sensitive material" because its protection is based on cryptography. Anyone with Administration rights on the client machine can see the key file. A regular user would not be able to see or access SecureDoc key files. For the protection of a user's data, WinMagic has designed SecureDoc so that even WinMagic, the manufacturer, cannot access users' computers. Knowing all the obscure space where key files are stored would not help WinMagic attack its SecureDoc product - cryptography helps make encryption products secure based on security, not on obscurity. The weakest link in this security design is the user's password. In addition to including the ability to require users to create strong passwords, SecureDoc offers a unique integration to the high level of security offered by smart cards, USB cryptographic tokens and PKI. SecureDoc has been designed since the beginning based on open standards, where they have been available. Its network product, SecureDoc Enterprise Server, also conforms to this ideal, using a standard ODBC-based SQL server. WinMagic is of the opinion that using a standard database is better than proprietary databases or even flat files, which are used by other products. Comparing it unfavorably to products that use proprietary designs implies that such designs are desirable, which we strongly feel is not true. The article raised issues of performance, a SecureDoc quality that is often highly praised by customers. SecureDoc has two encryption modes: one is more thorough than another, but it runs more slowly. In this test, it may have been possible that SecureDoc was tested using this more thorough mode while competitive products may have been tested with less thorough modes. Also, SecureDoc's ability to allow interruption of the initial encryption does have some impact on encryption performance: do the other products offer such a feature? And the performance on the day to day operations, we suspect, may have been affected by using file encryption on top of disk encryption. Two more minor points. Integration with third party token manufacturers is a major feature of SecureDoc: perhaps this review should have involved using tokens, which are becoming widely used. And although the stand-alone SecureDoc offers self-help challenge-response password reset only, the enterprise version does have a complete one-time challenge/response feature. We hope these comments will be taken in the spirit they are intended. WinMagic Inc.

Corporate Info // Press Reviews