Encryption Administration – How many people does it take?

It’s always staggering when we speak with our clients how many people are actually on their encryption team and how much time and effort they spend just trying to get things right.  Are you any different? How many people are on your encryption administration team? How much time do they spend on user management? 

Before I started working here at WinMagic, I had six people on my encryption team managing: 10,000 laptops and 20,000 users; whereby, 90 per cent of our time was spent on adding users and password resets. There was no way, one person could manage a workload like that. Boy how I wish I had a solution back then which could help make things easier. For example, one of the technologies that would’ve really helped was Pre-boot Network-based Authentication.

This type of authentication is like standard Pre-boot authentication except it’s more akin to having a bouncer at the door on steroids ensuring only the right people get in. Taking the authentication portion directly to the network (and verifying against Active Directory for current credential validation) vs. doing it locally on the PC where old credential settings may still apply.

Not only does Pre-boot network authentication give a greater level of security, it also offers huge cost savings. From a management perspective, it allows IT staff to free up their time to perform other duties that will add value to the organization, resulting in more efficient and effective employees.

So in a nutshell, pre-boot network authentication would deliver:

  • HUGE costs savings through faster resolution of password reset and simple device staging – In a recent survey conducted by WinMagic and the Ponemon Institute, results showed the estimated time spent on something like password resets is 20 minutes per user. Pre-boot network-based authentication could reduce that to 5 minutes!
  • Automated user provisioning – Again, making me, as an administrator very happy.  My desktop team is also happy now that they don’t have to wait for someone from the encryption team to process a request to add a new user to a machine.
  • No more “I’m locked out of my laptop” calls (for me, these always came in at midnight) because now users can just follow their standard process for password resets in AD via the Service Desk. The administrator in me is again, REALLY happy with this one (and so is my wife)!  My users are also happy here because they don’t have to follow a separate process anymore.

The list could go on and on, but I have to get back to work.

If you’re reading this, you might be thinking to yourself, “There’s no way one person could deploy and manage my company’s encryption solution.” You might be right, but there are solutions out there that can help, solutions like PBConnex.

Previous Post
Focused on Protecting Data
Next Post
Rethinking Data Security for the Public Cloud

Related Posts

Bad Habits Coming to Work?

Last week at RSA Conference 2014 we announced the results of a Harris Poll survey we commissioned. It was an interesting process and the data it revealed was not altogether surprising, but the main conclusion one draws from it is…

Talkin’ to Government

Today marks our first day at FOSE – the annual conference for government technology professionals. In today’s increasingly security-sensitive environment, this conference should provide some good insights as to what’s on the mind of folks working in government and how…
Read more

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.

Menu