Desktop Encryption Features
Desktop Encryption Services provide small and mid-size organizations with comprehensive, continuous disk encryption, enabling quick, cost-effective protection for data on Windows-based and Apple Mac-based desktops and laptops. The encrypted data is continuously protected from unauthorized access, providing strong security for all of your data, including intellectual property, customer and partner data and corporate brand equity.
Features of the mindSHIFT Desktop Encryption Service include:
- Easy, automatic operation. Protect data without changing the user experience.
- Rapid deployment. Accelerate encryption deployment by avoiding the time-consuming upfront evaluation, technology training, selection, procurement and implementation/installation processes.
- Encryption all the time. Ensure that all data on users’ systems is encrypted, even when they’re offline.
- Enforced security policies. You don’t have to train—and trust—users to save all of their data in an encrypted folder.
- Easy, ongoing management. Avoid the time-consuming hassle of getting up the technology curve, and supporting and managing the technology day-in, day-out.
- Best-in-class encryption technology. Keep private data private by using PGP AES 256-bit encryption—which far exceeds the 128-bit encryption that most regulations stipulate for your organization to avoid reputation-damaging data breach notifications.
For more information on Desktop Encryption Services, contact us and let our managed IT services team help you produce results.
Feature |
Description |
| Data Encryption Algorithm |
PGP AES 256-bit encryption |
| Operating Systems |
Windows workstation operating systems |
| Full Disk Encryption |
Yes; standard implementation |
| Access to Encrypted Data |
Complete protection via pre-boot authentication using user's Windows logon |
| Sign-on Process |
Single sign-on; users use their existing Windows password via Microsoft Active Directory integration vs. other systems which require dual authentication (dual sign-on is available as an option) |
| Partition Support |
Available as an option to standard full disk encryption |
| Distribution and Installation Process |
Automated using systems management tools; mindSHIFT manages entire process |
| Initial Encryption Process |
Minimal performance impact; can be suspended at any time |
| Pre-boot Authentication |
Yes |
| Key and Passphrase Storage |
In an encrypted format |
| Screen Saver Compatibility |
Yes |
| Standby and Hibernation Mode Support |
Yes |
| Policy Update Distribution |
Automatic distribution to installed end user systems |
| Policy Enforcement |
Automatic once encryption is deployed and policies are defined |
| User Group Management |
Automated with Microsoft Active Directory integration |
| User Experience |
Transparent; the only change is a pre-boot authentication which requires user’s Windows login (this can replace or supplement the normal Windows login) |
| Access if Passphrase is Lost or Forgotten |
mindSHIFT can issue a one-time use recovery passphrase |
| Dual-boot System Compatibility |
Yes |
| LDAP Directory Support |
Full compatibility with Microsoft Active Directory |
| Ongoing Management |
Done by mindSHIFT using mindSHIFT's Hosted PGP Universal Server |
| Service and Support |
Managed completely by mindSHIFT |
| Price |
A single predictable monthly fee; no costly upfront hardware or software costs |