effiziente verwaltung und nutzung verschlüsselter umgebungen platinum partner schweiz
TRANSCRIPT
Effiziente Verwaltung und
Nutzung verschlüsselter Umgebungen
Platinum Partner Schweiz
Agenda/ThemenI. Herausforderung Datensicherheit für Unternehmen
II. Verwaltung verschlüsselter Umgebungen und Alleinstellungsmerkmale
III. Der Markt / Markttendenz
IV. Bitlocker & SecureDoc
V. Kosteneinsparungspotentiale
VI. Informationen zu WinMagic
VII. Live Demo
FDE Growing in adoption
Data breaches a common occurrence today
More than 660 million records compromised since 2013
Windows continues its dominance as business OS
IT faces increased risk with mixed environments & BYOD
Only takes one lost or stolen unsecured device to ruin
reputation
FDE Growing in adoption
Data privacy regulations are forcing adoption: Health Insurance Portability & Accountability Act (HIPPA – US) Personal Information & Electronic Documents Act (PIPEDA – CDN) Data Protection Act (UK) PCI Data Security Standard (PCI DSS – Global)
The challenge with FDE: keep costs and IT complexity low
Business Challenge
As employees become more mobile and the data they access can rest anywhere, it is becoming increasingly difficult for IT to ensure the security of that data.
InformationWeek 2013 Mobile Security Survey
78%
28%
39%
Primary Security Concern: Lost or Stolen Devices
Require Hardware or Software Encryption
Have MDM systems with Remote Wipe
Complicated
Expensive, Bitlocker is for free
Customer experience
Affects performance
Organizational challenges linked to encryption
often mentioned…
© 2013 WinMagic. All rights reserved. 7
Manage encrypted environments
SSD - SED
OPAL (OSA)
Optimal world: Flexible, Future Proof, OS support, no changes to existing processes
BitlockerFile Vault IIHardware Vendors
Single Management Console(harddisc encryption (HW/SW based), removable media encryption, File & Folder
encryption, Server encryption
e.g. UEFI (Win 8)
Our Differentiators
Strong industry validation
Global computing leaders, including HP and Lenovo, choose WinMagic to secure their customers’ most important asset – their data.
One console, any platform
Centrally manage and secure corporate data, no matter where it resides.
Overcome challenges of pre-boot authenticationStreamline IT management while providing a simplistic end user experience to accessing secured information.
Unparalleled self-encrypting drive managementEasily deploy and manage SEDs for maximum performance and data security.
Easy Integration into accounts with multiple devices
Full Mobile Device Management (MDM) support and tracking from a single console
Support for Windows, Linux, Android, OS X (FileVault2), iOS
Devices will be secure and compliant
Satisfying requirements for IT Management and End Users
One console, any platformCentralized Management
Approaching cost parity with standard HDDs
Fast encryption & system performance
Demand & Supply are Increasing
Best of both hardware & software
Unparalleled self-encrypting drive managementOpal SED Support
Changing Marketplace – Industry Convergence
SSD – SED - eDrive
Hardware Encryption
OEM’s
Built In Encryption
SoftwareEncryption
Single Console
Management
Strong Industry Validation
Pre-installed on all HP Business PCs & Laptops
Seamless upgrade with SecureDoc for HP
OEM Relationships
First to market with Win8 & UEFI Support
Deep integration with ThinkVantage Tools
Unique pre-boot networking functionality
Pre-boot network authenticationEnables authenticated users to boot their device without a local key file and validate credentials before ever accessing the operating system.
PBConnex
11010010010101110010110000110101010110101101001010010101010010010101011001010101SES Active
Directory
User
© 2013 WinMagic. All rights reserved. 14
Recap: Manage encrypted environments
SSD - SED
OPAL (OSA)
Optimal world: Flexible, Future Proof, OS support, no changes to existing processes
BitlockerFile Vault IIHardware Vendors
Single Management Console(harddisc encryption, removable media encryption, File & Folder encryption, Server
encryption, Cloud)
e.g. UEFI (Win 8)
© 2013 WinMagic. All rights reserved. 15
WinMagic Solution – Flexible, Future Proof, no changes to existing processes
SSD - SED
OPAL (OSA)
HP Drive Encryption
Single Management ConsoleSecureDoc Enterprise Server (SES)
incl. Removable Encryption/Management PBConnex for Win (SW based), SED (hardware based), Bitlocker
(optional File & Folder Encryption & Server Encryption)
File Vault II
OEM’s
Flexible between Bitlocker, WinMagic SW based or OPAL , optional e- Drive)
Encryption Management evolution
Value
Best
BenefitsBest TCO
Highest Level of Security
Better
OK
Extending the ProtectionMaximizing Value
Minimum Complianceat least Key Backup
SEDs +
Bitlocker +/or
Bitlocker
Optimal BitLocker Management
Choose your pre-boot preference – SecureDoc pre-boot with
PBConnex or Standard BitLocker pre-boot with SecureDoc
enhancementsStandard BitLocker TPM protection options
Manage Conversion Options – BitLocker defaults to AES 128-bit
Set BitLocker policy on supported devices or leverage SED or SecureDoc encryption
SES vs. MBAM - PBA
SES BitLocker ManagementMicrosoft BitLocker Administration and Monitoring (MBAM)
With SecureDoc Pre-boot With BitLocker Pre-boot BitLocker
Unique user authentication at pre-boot P O OPre-boot network user authentication (AD) P O OMultifactor authentication - Tokens, smartcards, biometrics P O OSecure network auto unlock P O POffline self help password recovery option P O OChallenge and response password recovery P O OCustomizable Pre-boot Screen P O O
SES vs. MBAM – Security Features
SES BitLocker ManagementMicrosoft BitLocker Administration and Monitoring (MBAM)
With SecureDoc Pre-boot With BitLocker Pre-boot BitLocker
Single Sign on P O OPassword Synchronization P P OPolicy driven removable media encryption with key management P P O
Policy driven File and Folder encryption with key management P P O
Challenge and response pwd recovery for removeable media encryption P P O
Port Control P P O
SES vs. MBAM – Auditing
SES BitLocker ManagementMicrosoft BitLocker Administration and Monitoring (MBAM)
With SecureDoc Pre-boot With BitLocker Pre-boot BitLocker
Client pre-boot login auditing P O OBitLocker Recovery key access auditing P P O
SES vs. MBAM – Installation & Deployment
SES BitLocker ManagementMicrosoft BitLocker Administration and Monitoring (MBAM)
With SecureDoc Pre-boot With BitLocker Pre-boot BitLocker
Single location to configure BitLocker policies (No need to configure GPO) P P OAutomatic TPM Provisioning P P OAbility to secure and manage OS that do not support BitLocker P P OSupports Self Encrypting drives (TCG OPAL drives) P P OSupports Self Encrypting Drives (E-Drive) P P PSupports importing of standalone BitLocker enabled machines into centralized management P P OSilent deployment with no user interaction P P O
SecureDoc BitLocker Management
• Best BitLocker Management solution in market today
• Better IT administration with pre-boot network authentication
• Multiple users on single system• Support for multi-factor pre-boot
authentication• TPM activation support
Cost of FDE solutions only a fraction of overall administration costs
The Value of FDE outweighs costs by 4 to 20x depending on the region
There is no ‘free’ encryption once administration costs are factored in
TCO of Encryption
PBConnex™Reduce TCO of overall IT administration significantly
Cut password reset time by 75% Cut PC staging time by 75%
Savings of up to $240,000 per year in an 8,000 seat environment
BitLocker + PBNA Saves CostPBConnex
About WinMagic
Headquarters Founded Customers CertificationsToronto, Canada 1997 Over 84 countries
2002Received first ever NIST certification for AES
2006First full-diskencryption toreceive FIPS 140-2 Level 1 & 2 validations
Timeline
1998
2000
2010Introduced first FDE solution that offers Pre-Boot Networking (PBConnex)
PBConnex
2004
2005
2008
2009
2011
2012PBConnex
© 2013 WinMagic. All rights reserved. 26
Connect with us
For Switzerland:Georg GannDirector Enterprise Sales CEE, [email protected]+49 176 100 34 551
Jens AlbrechtCEO, Security [email protected]+41 41 748 72 00www.insinova.ch
27
Connect with Us
Web - www.winmagic.com/de
www.twitter.com/WinMagic
www.facebook.com/WinMagicInc
www.linkedin.com/company/WinMagic
www.youtube.com/WinMagicInc
blog.winmagic.com