Wave Embassy Trusted Drive Manager Simplifies Encrypted Drive Management
Mike Fratto and Editor
November 23, 2010
Securing data on laptops protects your company's data in the event the laptop is lost or stolen. According to the DatalossDB, which is maintained by the Open Security Foundation, by November 22, 2010, 12 million personal records have been exposed because of lost or stolen computers, laptops, disks, and other media. That tally doesn't include data loss such as intellectual property and other company secrets. Losing data is a risk most companies can't afford. Encrypting hard drives is one critical step to ensure lost or stolen computers, laptops, and media aren't exposing your company.
Rather than encrypting files and folders, which require users to save sensitive information to the right location, encrypting the entire drive is largely transparent to the user and sufficient to ensure data will be kept from prying eyes. Software-based whole disk encryption is one option, but there is a significant performance hit when reading or writing data. Hard disk encryption speeds the process by performing encryption on the disk controller in hardware. In addition, the encryption keys are generated and retained in the drive hardware, protecting them from memory debuggers.
Wave's Embassy Trust Suite and Embassy Remote Administration Server (ERAS) 1.6 offers a useful pairing of hard disk encryption and remote administration. We tested these products and found them to be simple to use. In particular, ERAS makes managing encrypted drives from a central point easy.
Embassy Trust Suite with Trusted Drive Manager is the stand-alone management application for individual laptops. It is pre-loaded on Dell laptops that have encrypted drives, and is an option on laptops from HP and Lenovo. Trusted Drive Manager is an ETS module and allows users with administrative privileges to create encryption keys and manage authorized drive users. TDM also integrates with Windows to provide single sign-on so users that successfully log into the drive are also logged into Windows.
Enterprises, however, should centrally manage these drives to enforce uniform encryption policies and support users that forget passwords and encounter other problems. With ERAS and Trusted Drive Manager, you can centrally manage the secure hard drive , Trusted Platform Management (TPM), and biometric polices on domain computers. ERAS is integrated with Windows, so you can synchronize users' Domain credentials with the encrypted drives for single sign-on and password policy enforcement. If you need encrypted drives, a central manager is a must for effective management.