Desktop Encryption Features

Desktop Encryption Services provide small and mid-size organizations with comprehensive, continuous disk encryption, enabling quick, cost-effective protection for data on Windows-based and Apple Mac-based desktops and laptops. The encrypted data is continuously protected from unauthorized access, providing strong security for all of your data, including intellectual property, customer and partner data and corporate brand equity.

Features of the mindSHIFT Desktop Encryption Service include:

  • Easy, automatic operation. Protect data without changing the user experience.
  • Rapid deployment. Accelerate encryption deployment by avoiding the time-consuming upfront evaluation, technology training, selection, procurement and implementation/installation processes.
  • Encryption all the time. Ensure that all data on users’ systems is encrypted, even when they’re offline.
  • Enforced security policies. You don’t have to train—and trust—users to save all of their data in an encrypted folder.
  • Easy, ongoing management. Avoid the time-consuming hassle of getting up the technology curve, and supporting and managing the technology day-in, day-out.
  • Best-in-class encryption technology. Keep private data private by using PGP AES 256-bit encryption—which far exceeds the 128-bit encryption that most regulations stipulate for your organization to avoid reputation-damaging data breach notifications.

For more information on Desktop Encryption Services, contact us and let our managed IT services team help you produce results.

Feature

Description

Data Encryption Algorithm PGP AES 256-bit encryption
Operating Systems Windows workstation operating systems
Full Disk Encryption Yes; standard implementation
Access to Encrypted Data Complete protection via pre-boot authentication using user's Windows logon
Sign-on Process Single sign-on; users use their existing Windows password via Microsoft Active Directory integration vs. other systems which require dual authentication (dual sign-on is available as an option)
Partition Support Available as an option to standard full disk encryption
Distribution and Installation Process Automated using systems management tools; mindSHIFT manages entire process
Initial Encryption Process Minimal performance impact; can be suspended at any time
Pre-boot Authentication Yes
Key and Passphrase Storage In an encrypted format
Screen Saver Compatibility Yes
Standby and Hibernation Mode Support Yes
Policy Update Distribution Automatic distribution to installed end user systems
Policy Enforcement Automatic once encryption is deployed and policies are defined
User Group Management Automated with Microsoft Active Directory integration
User Experience Transparent; the only change is a pre-boot authentication which requires user’s Windows login (this can replace or supplement the normal Windows login)
Access if Passphrase is Lost or Forgotten mindSHIFT can issue a one-time use recovery passphrase
Dual-boot System Compatibility Yes
LDAP Directory Support Full compatibility with Microsoft Active Directory
Ongoing Management Done by mindSHIFT using mindSHIFT's Hosted PGP Universal Server
Service and Support Managed completely by mindSHIFT
Price A single predictable monthly fee; no costly upfront hardware or software costs