5 Best Enforced Encryption Features
Faced with increasingly restrictive data protection regulations and the very real threat of cyberattacks, businesses big and small have recently made data security a top priority. But, as they invest in complex strategies to protect data within their company networks, they often overlook one of the greatest sources of data leaks: data in transit.
In today’s fast-paced business world, employees often travel for work, regularly attend outside meetings where they are expected to hold presentations or expos and conferences where they present their products to attract new customers. All these scenarios imply devices on the move, in often hectic, overcrowded environments, very much outside the security of a company network. A moment’s distraction is all that stands between an organization and data loss or theft.
The easiest way to protect data in these kinds of situations is encryption. Strongly recommended by the EU’s General Data Protection Regulation (GDPR) as an essential tool businesses should use to ensure their data is kept secure, encryption can be implemented not only on computer hard drives, but also removable devices such as USBs.
Endpoint Protector’s Enforced Encryption serves just such a purpose, ensuring that any company data copied onto USBs will be automatically encrypted with government-approved 256bit AES CBC-mode encryption. Here are some of the features that make it the most attractive product of its kind on the market:
1. Cross-platform capabilities
It’s rare nowadays for businesses to use only one operating system company-wide. Whether it is executives, web designers or marketing professionals using Macs or organizations giving Apple-loving employees free rein to choose their own devices, macOS has become a common presence in offices around the world. Which is why it’s important for companies to look for cross-platform solutions when protecting data on the move.
Enforced Encryption can be used for USB storage devices connected to both macOS and Windows running computers. Not only that, it offers the same range of features for both operating systems. Admins can also control its deployment and settings from the same dashboard, regardless of the OS they themselves are using.
2. Automatic and manual deployment
From the Endpoint Protector dashboard, admins can automatically deploy EasyLock, Enforced Encryption’s solution to all trusted USB storage devices when they are connected to a network computer. Using a simple drag and drop interface, files can then be easily copied to and from the EasyLock client installed on the root of the device.
Manual deployment is also possible: users and admins can download the EasyLock client, copy it onto a USB device and execute it from the root. Due to their extensive security features, these manual installation files can only be used once. A new file needs to be downloaded for every installation.
3. Complex passwords
Admins can enforce strong password rules to ensure data on USB devices stays secure once it’s encrypted. Complex password settings allow admins to define the mandatory length of passwords and the criteria of their composition.
They can choose the minimum number of upper and lowercase letters, special characters and numbers. They can also set a validity period for a password and how many attempts someone has to enter it correctly.
4. Resetting passwords and devices remotely
There are a number of features which admins can use to remotely control USB devices with EasyLock installed. Through them, they can send messages to users and reset passwords in case they have been compromised or forgotten.
USBs can also be wiped remotely by resetting the device, effectively deleting the EasyLock client and all the files that were encrypted with it.
5. File tracing
EasyLock also comes with a File Tracing option. Once turned on, this feature records and logs all data transferred to and from devices using EasyLock. The logs are then sent to the Endpoint Protector Server when the device is connected to a computer with an Endpoint Protector Client installed. Such records and logs can later be used for auditing and compliance purposes.
This feature is also available offline: EasyLock can store the logs locally in an encrypted format on the device until it will be connected to a computer with an Endpoint Protect Client present.
Download our free ebook on
Data Loss Prevention Best Practices
Helping IT Managers, IT Administrators and data security staff understand the concept and purpose of DLP and how to easily implement it.