Tuesday, September 24, 2013

Full/Whole Hard Disk Encryption Buying Guide and Selection Criteria

You are concerned with data security; data is your highest asset. You must protect it against theft. A stolen laptop from one of your top management staff could contain data valuable for industrial espionage.
So you are searching for a Full Disk Encryption solution. You know there are a lot of vendors. You decided to compare which FDE solution is the best. I did this before and I know it's hard to tell.
I am not going to sell you a certain FDE product. The most important thing to know is that any encryption solution will be vulnerable to a cold boot attack, and once your PC is unlocked your data is not protected any more.

Here are the selection criteria for a full disk encryption solution: the things to test in a proof of concept for FDE solutions. Good luck choosing the best FDE solution.


Full hard disk encryption
Technical Specifications:
1. Compatibility:
   Solution must be compatible with all OSes in the corporate environment.
2. Security Features:
   1. Solution must provide full disk encryption / whole disk encryption with proven cryptography.
   2. Solution must provide a full key management lifecycle (key creation, deletion, recovery, use, and storage).
   3. Solution must provide different methods for key recovery (onsite, offsite and disaster recovery).
   4. Solution must provide controlled views of keying material and separation of duties.
   5. Solution must provide different methods for authentication (passphrase, tokens…).
   6. Solution must be able to integrate with the enterprise DLP solution to force encryption for removable media.
   7. Solution must have a reporting capability and the ability to generate custom reports.
   8. Solution must be able to integrate with enterprise directories (MS Active Directory...).
   9. Solution must be able to integrate with different SIEM vendors.
   10. Solution agent must not affect endpoint performance.
   11. Solution must have background encryption processing capability.
   12. Solution must have a built-in mechanism for fault tolerance.
   13. Solution must support and continue the encryption process after suspend and hibernation states.
   14. Solution must comply with FIPS 140-2.
