Managed Disk Encryption Service Overview

Disk encryption, which minimizes the likelihood of a data breach, has become a requirement for businesses of all sizes. mindSHIFT’s managed disk encryption service ensures that data stored on laptops and desktops doesn’t fall into the wrong hands, even if the PC does.

What is Disk Encryption? Wikipedia defines disk encryption as a type of encryption which encrypts every bit of data that goes on a disk or disk volume. The term full disk encryption, also called whole disk encryption, is often used to signify that everything on a disk is encrypted, including the programs that can encrypt bootable operating system partitions.

For laptops and desktops, organizations have two choices:
• to encrypt files and folders on the hard drive only, or
• to use “full disk encryption”

Why Full Disk Encryption? 

Generally speaking, full disk encryption, also called whole disk encryption, is the preferred approach because it scrambles all the data on an employee’s laptop and desktop hard drives so that only the authorized user of the workstation can access and use the applications and files on that system.

Full disk encryption doesn’t leave the decision about which folders and files to encrypt to the end user. Your users may only encrypt their files on their home and C: drives – being unaware that temporary and swap files are equally sensitive and must be encrypted as well.

Full disk encryption removes compliance obligations from the user and returns the control and safeguarding of data to those who are responsible for it — the business leaders.

Managed Disk Encryption Service

mindSHIFT offers a fully-managed encryption service that protects and secures all of your organization’s hard drive data and enables you to comply with privacy regulations, such as the new Massachusetts law 201 CMR 17.

mindSHIFT’s Managed Disk Encryption Service (MDES), designed specifically for small and medium-sized businesses, encrypts entire disk drives -- including all information and systems-- not just files on your users’ home and C: drives. You can use this comprehensive approach to protect confidential data and comply with privacy regulations.

You know you need encryption. But why as a Service?

Simple. It's Easy. Convenient. Affordable.

Unlike most other disk encryption solutions, the mindSHIFT offering is a fully-managed service -- meaning your organization can quickly get up-and-running with encryption and start complying with privacy laws within days – vs. the months-long process of up-front evaluation, procurement and implementation that is necessary to enable disk encryption in-house.

Doing disk encryption yourself can add to management complexity and can be expensive to deploy at scale. Encryption as a fully-managed service moves the technology burden to experts who live and breathe it every day. These experts are your partners not only for the implementation, but also for maintenance and ongoing service and support. Even better, you pay a single, affordable monthly fee for the service – no costly up-front fees for hardware and software.

With the mindSHIFT disk encryption service, you can also leverage elements of mindSHIFT’s infrastructure, such as key servers.

The Managed Disk Encryption Service (MDES) from mindSHIFT is easy, convenient, and affordable. Like mindSHIFT’s other managed IT services, it provides a technology solution that works for your business.

How does the Managed Disk Encryption Service work?

The Disk Encryption engine operates at a system level between the operating system and the disk drive, providing user-transparent, sector-by-sector disk encryption and decryption. A successful pre-boot authentication unlocks the decryption key, enabling users to work without any other changes to their experience – they simply use their Windows password when prompted before the system boots.

What You Gain from Managed Disk Encryption Service

Not sure if the managed disk encryption service is for you? Here are some questions to consider.

Will a Full Disk Encryption Service help me meet the legal requirements of Mass 201 CMR 17 and other state privacy protection regulations?
Yes. Not only will it help you comply with the Mass law, which is effective January 1, 2010, but it also:

• Helps manage compliance with security and privacy requirements of the laws in 44 states, HIPAA and the Gramm-Leach-Bliley Act
• Provides strong security for intellectual property, customer and partner data

To be fully compliant with the new Mass law, you’ll also need to implement secure messaging through email and mobile device encryption solutions (available from mindSHIFT as a service later this year).

How quickly can my organization be using full disk encryption?
Like any other technology, the usage of disk encryption at your firm depends on how long it takes to:

• Research the technology
• Evaluate encryption solutions
• Select the vendor
• Procure software, licenses and/or hardware
• Get up to speed on the technology
• Design and architect
• Test
• Implement, install, roll-out

These steps can take months when done internally. Alternatively, organizations can bypass all of the up-front evaluation, procurement, internal training and implementation by purchasing encryption as a service. Because our IT experts have already done the up-front evaluation and are fully certified in the technology and its implementation, you can be up-and-running in a matter of days – without having to become an encryption expert.

How difficult is it to manage encryption?
Like any other technology, encryption requires ongoing monitoring and management – fixes, user support and upgrades. You can do this internally, if you have an IT resource, or outsource those tasks to a service provider like mindSHIFT. Either way, you have to be certain to implement and support it correctly or you might protect your data too well and not be able to retrieve it.

How long will it take for users to learn how to do encryption?
Not long at all. The encryption is done automatically. After initial install, encryption and decryption of the disk are transparent to both the user and the operating system. Users need only to supply their Windows logon when they are prompted (before their laptop or desktop boots up). It’s the same login so you don’t even have to create or provide new passwords or ask users to take any specific actions to encrypt. 

Does mindSHIFT offer other encryption services?
Managed disk encryption service is the first of several encryption service offerings. Expect email and mobile device encryption from mindSHIFT later this year.

What else can I do to prevent data loss?
For complete protection and peace of mind, mindSHIFT recommends a three-pronged approach to securing confidential information on laptops and desktops:

• Full disk encryption 
• Laptop theft recovery and data deletion 
• Offsite data backup 

Disk Encryption-Related Information

Managed Disk Encryption Service Features
Managed Disk Encryption Service Benefits
Managed Disk Encryption Service FAQ
Ten Tips to Deter Laptop Theft
Laptop Theft Recovery and Data Delete Service
Data Backup Services
Protecting Personal Information: A Guide for Business (FTC) 

Download a brochure about our Managed Disk Encryption Service.

For more information on our Managed Disk Encryption Service, contact us or call 877-227-5054 and let our experience help you produce results.

 

SERVICES

Email

Hosted/Cloud Services

Virtualization/Servers

Desktops

Storage

Managed Hosting

SERVICES continued

VoIP

Security

Mobility

SharePoint

Websites/CMS

Application Development

DR/Business Continuity

Professional Services

 

 

RESOURCES

Testimonials

Support

Technology Showcase

White Papers

INFORMATION

Live Chat

About mindSHIFT

Leadership

Events

News

Careers

Resell SaaS

Contact Us