SecureDoc is a comprehensive disk encryption product that secures data at rest (DAR). It has two main components: the client software used to encrypt and decrypt data and the server software (SecureDoc Enterprise Server or SES) used to configure, deploy, and manage encryption for an entire organization.
The SecureDoc client software uses a FIPS 140-2 level 1 and level 2 certified AES 256-bit cryptographic engine to encrypt data. WinMagic recommends that all drives be protected with full-disk encryption (FDE); container, and volume encryption can be used to supplement FDE on shared workstations to add another layer of defence for classified data, and to encrypt data on external storage devices such as USB keys, CD/DVDs, and SD cards. The SecureDoc client software provides encryption capabilities on multiple operating systems (Windows, Mac, and Linux via SecureDoc OSA).
SES enables administrators to configure, deploy, and maintain an entire organization’s data encryption requirements from an integrated management console.
Tasks administrators can accomplish through the SES management console include:
- Simplify device management with PBConnex
- Define user and device profiles
- Manage and label encryption keys
- Manage BIOS credentials with Lenovo’s integrated Hardware Password Manager
- Easily manage user access rights by synchronizing SES users and groups with Active Directory
- Enable Single Sign-On (SSO) for pre-boot authentication using Windows ID
- Monitor the status of encrypted devices
- Configure single-factor or multiple-factor pre-boot authentication requirements (password plus biometrics, PKI, token, or smart card)
- Manage and support hardware-based encryption technologies including Seagate Momentus™ DriveTrust drives, TCG Opal drives, and self- encrypting USB thumb drives
- Integrate and manage theft deterrence mechanisms such as Intel® Anti-Theft technology