• 11/23/2010
    10:12 AM
  • Network Computing
  • News
  • Connect Directly
  • Rating: 
    0 votes
    Vote up!
    Vote down!

Wave Embassy Trusted Drive Manager Simplifies Encrypted Drive Management

Securing data on laptops protects your company's data in the event the laptop is lost or stolen. According to the DatalossDB, which is maintained by the Open Security Foundation, by November 22, 2010, 12 million personal records have been exposed because of lost or stolen computers, laptops, disks, and other media. That tally doesn't include data loss such as intellectual property and other company secrets. Losing data is a risk most companies can't afford. Encrypting hard drives is one critical

User passwords can be synchronized with Windows for single sign-on using Windows Password Synchronization. This means the user's Domain credentials will be synchronized with the drive automatically, even when the user changes passwords. ERAS doesn't enforce Domain password policies; instead, it relies on Windows Group Policy Objects to do so. If the passwords get out of synch, then the drive password can be temporarily reset. This is a two-step process: first, the password is reset in ERAS, creating a temporary password on the drive. Second, when the user powers up the computer, they enter the reset password, and then log in to Windows using their domain password. Once the user logs in, the Domain credentials are applied to the drive. It's not exactly single sign-on, but it is one less password for the user to remember and only happens on the rare occasion that password get out sync. The computer has to be connected to the ERAS server for the password reset initiated from ERAS to take effect.

waveIOPs.pngIf a remote user can't connect to ERAS, then a lost drive password can be recovered using a pre-installed password or a challenge/response. When the drive is initialized, a user account called recovery_agent is assigned to the drive with a long, complex password. When the user calls in for help, the help desk can read off the password, which the user enters to unlock the drive. However, once you've used the pre-installed password, you must generate a new recovery password and apply it on the drive; otherwise or the user can continue to use the same password over and over. Once the user has recovered the drive, make sure you generate a new password if the user is connected to ERAS. An easier alternative uses a challenge/response method, which automatically generates a new recovery password once the current one is used and doesn't require the client to be connected to ERAS.

waveBPS.pngWe tested the drive performance using IOmeter and the stock 4KB configuration files that ship with IOmeter. While there was a marked difference in file transfer speed and I/O operations per second between the Seagate HDD and the faster Samsung SSD, there was no difference in performance when the drive was protected or not.

Pricing for ERAS starts at $93 per user for 50 users. Volume pricing discounts are available. 

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.

Log in or Register to post comments