|
Many organizations
rely on encryption to protect their
sensitive corporate data. If a
laptop
containing sensetive
information is compromised, encryption
is relied upon to protect the
organization from data breaches
and the negative publicity and impact to
reputation that will
follow.
Most
encryption solutions
face the following challenges:
-
Traditional
software applications are expensive
-
Computer
performance can be negatively
impacted
-
Management of
encryption keys is a manual process,
that consumes significant IT
resources
Even if you get
everything right, there is one point of
failure beyond your control...the end
user. If the
user fails to store the documents in the
appropriate volume or if they do not
safeguard
their encryption key, then encryption
will provide you with no protection at
all.
To combat this
reality, computer manufacturers are
building self-encrypting drives (SEDs)
into their
devices, providing a standardized,
hardware-based method of encryption that
will ship with
the computer.
Self-Encrypting Drives &
OPAL Specifications
SEDs that are built into new computers
comply with the OPAL specifications – an
industry
standard released in early 2009 by the
Trusted Computing Group. By encrypting
the drive itself,
rather than other components of
the PC, the content of an OPAL SED is
always encrypted, including the
encryption keys.
Absolute Secure
Drive
With encryption
built into computers, it is imperative
that the organization take immediate
control to ensure the encrypted hard
drive (and the data it contains) is not
compromised.
AbsoluteŽ Secure Drive supports the new
OPAL SEDs, placing control of this
encryption technology in the hands of
the organization. IT Administrators can
easily configure and set up OPAL SEDs on
each computer. Then they can administer
users, authentication methods, policies,
and system maintenance through to
end-of-life, all from a central
administration console and
much more
cost effectively than traditional
software-based encryption solutions.
Configuration & Management
Since the
SED is built into the computer, it’s
important that your organization owns
and controls the encrypted drive before
anyone else can take control of it. With
Absolute Secure Drive, IT Administrators
can:
-
Set up and
configure OPAL SEDs using strong
authentication with Windows login
-
Easily deploy
through integration with existing
Active Directory/ADA M, and Novell
eDirectory environments
-
Configure SED
security features accessible by
multiple users and groups of users
per OPAL specifications
-
Manage multiple
authentication devices and
mechanisms to unlock the hard disk
at pre-boot with SSO options
-
Recover
credentials in case the system
crashes or if the authentication
device malfunctions
-
Decommission SEDs
including at PC end-of-life with
disk drive and data erase
Absolute Secure Drive supports S3
(sleep) mode resume without blue
screening or crashing. Plus it includes
a standard plug-in for the Microsoft
Management Console.
Authentication & Access
IT
Administrators can unlock OPAL SEDs with
the pre-boot authentication module that
runs in under 3 seconds from the secure
Master Boot Record shadow area. Strong
authentication mechanisms are supported
(Windows passwords and fingerprint
scanning) providing single sign-on
capabilities so that users will no
longer have to re-authenticate at GINA/CredProv
login. IT Administrators can also
perform emergency login and recovery as
needed.
Linux-based pre-boot authentication
means that Absolute Secure Drive is
flexible and scalable. Other solutions
do not support open source and are
limited to text-based log-in with little
customization.
Absolute Secure Drive includes a central
administrative console where IT can
easily configure and manage SEDs and
users. Your organization will benefit
from a significant reduction in the time
IT spends on configuration, maintenance,
and encryption key management.
|
