What’s the right choice?

We’re a huge proponent that Full Disk Encryption (FDE) is the cornerstone of any data security solution and should be the foundation for which all solutions should be built on. But more and more, in a world where customers are dealing with strict budgets, compromises need to be made and customers are looking at alternative solutions.

Generally speaking we offer many forms of data protection with SecureDoc, FDE, port control, removable media encryption (RME), SED management or FileVault 2 management. However, we’re seeing an increasing amount of customer being more surgical in the way they manage their device security.

High risk products like laptops and other devices that regularly leave the office tend to get the most attention and are typically the most at risk. As a result, these systems tend to get the ‘whole hog’ when it comes to device security, FDE, RME, Port Control etc. They’re locked down tight to avoid potential risk.

But what about devices that don’t leave the office; the workstations, desktops, thin clients and other devices that are somewhat safer within the confines of doors with swipe card access and other security measures?

This is where we see customers trying to be more economical (if budgets dictate) in how they secure data on these devices. Given a device isn’t leaving the premises, there is less risk to that device being lost or stolen, so the concern for these devices is ensuring that any data that leaves the device remains encrypted. The solution? Removable Media Encryption (RME) or Removable Media Container Encryption (RMCE). Policies enforcing this ensure data that is removed from the system must be encrypted when removed from the system.

Alternately, some customers don’t ever want data leaving a device that must remain on premise. In this instance, port control and policies restricting writing to external media can be employed to prevent this. Locking down optical drives and USB ports from being able to write information more or less removes the risk associated with ‘data slurping.’

We have to be flexible in our approach, considerate of budgets and generally open and understanding of their requirements and how we can best address them.

Sometimes, one size doesn’t fit all.

Previous Post
Have a good rest on Civic Day, Canada!
Next Post
Securing the Cloud

Related Posts

Pre-Boot Network Authentication

Being an IT administrator can be very challanging, with many responsibilities ranging from making sure every employee has the proper working tools required to do their jobs to keeping corporate data safe. Some of the simplest tasks faced by IT…
Read more

Travelling is always a Security education

I’ve been doing a lot of travelling lately and talking to lots of folks about data encryption and SecureDoc specifically. It’s always interesting to get a sense of people’s perceptions around the topic and key areas of interest like Self…
Read more

Busy Growing

WinMagic is a global organization that’s seeing a lot of success in market today. With success comes growth and we continue to see strong market demand in Europe, Middle East and Africa (EMEA) and India. We’ve had solid presence in…
Read more

It’s not as hard as you might think

I was reading an article from ITWorld this week that touched on the recent data breach at the South Carolina Department of Revenue. While I find this type of thing fascinating, I also find it scary when someone says something…

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.

Menu