Encryption Administration – How many people does it take?

It’s always staggering when we speak with our clients how many people are actually on their encryption team and how much time and effort they spend just trying to get things right.  Are you any different? How many people are on your encryption administration team? How much time do they spend on user management? 

Before I started working here at WinMagic, I had six people on my encryption team managing: 10,000 laptops and 20,000 users; whereby, 90 per cent of our time was spent on adding users and password resets. There was no way, one person could manage a workload like that. Boy how I wish I had a solution back then which could help make things easier. For example, one of the technologies that would’ve really helped was Pre-boot Network-based Authentication.

This type of authentication is like standard Pre-boot authentication except it’s more akin to having a bouncer at the door on steroids ensuring only the right people get in. Taking the authentication portion directly to the network (and verifying against Active Directory for current credential validation) vs. doing it locally on the PC where old credential settings may still apply.

Not only does Pre-boot network authentication give a greater level of security, it also offers huge cost savings. From a management perspective, it allows IT staff to free up their time to perform other duties that will add value to the organization, resulting in more efficient and effective employees.

So in a nutshell, pre-boot network authentication would deliver:

  • HUGE costs savings through faster resolution of password reset and simple device staging – In a recent survey conducted by WinMagic and the Ponemon Institute, results showed the estimated time spent on something like password resets is 20 minutes per user. Pre-boot network-based authentication could reduce that to 5 minutes!
  • Automated user provisioning – Again, making me, as an administrator very happy.  My desktop team is also happy now that they don’t have to wait for someone from the encryption team to process a request to add a new user to a machine.
  • No more “I’m locked out of my laptop” calls (for me, these always came in at midnight) because now users can just follow their standard process for password resets in AD via the Service Desk. The administrator in me is again, REALLY happy with this one (and so is my wife)!  My users are also happy here because they don’t have to follow a separate process anymore.

The list could go on and on, but I have to get back to work.

If you’re reading this, you might be thinking to yourself, “There’s no way one person could deploy and manage my company’s encryption solution.” You might be right, but there are solutions out there that can help, solutions like PBConnex.

Previous Post
Focused on Protecting Data
Next Post
Rethinking Data Security for the Public Cloud

Related Posts

When virtual environments get too heavy

When Virtual Environments Get Too Heavy

As an encryption security vendor that is working its way into Mobile Device Management (MDM), I’m fascinated and constantly looking at new ways to secure mobile devices and company information. As someone with a background in virtualized environments, I’m even…
Read more

An innovative approach – CIOSynergy

Last week I had the opportunity to attend the CIOSynergy event in Toronto at the Trump Hotel & Tower. It was an interesting day of interacting with key IT decision makers within various organizations and learning about some of the…
Read more

What kind of encryption is best for you?

There are plenty of ways to secure data and all have pretty acronyms: Full Disk Encryption (FDE), File and Folder Encryption (FFE), Removable Media Encryption (RME) and so on. These three are the ‘meat’ of any good encryption solution. The…
Read more

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.

Menu