RSS Feed

Drivecrypt Enterprise

Drivecrypt Enterprise - Hard Disk Encryption for Laptops and PCs

 

DriveCrypt Enterprise provides the ability to centrally deploy, manage and control hard disk encryption for all laptops and PC's in their organisation. Encrypting the hard drives of tens, hundreds or thousands of laptops, USB sticks and other removable media has been traditionally hard to deploy and manage.

Click Here For a Free Trial of DriveCrypt Enterprise

DriveCrypt Enterprise is the solution, allowing you to centrally deploy, manage and report and be totally secure in seconds.

  • Full Disk Encryption (Encrypts parts or 100% of your HardDisk including the operating System)
  • Pre-Boot authentication (BEFORE the machines boots, a password is requested to decrypt the disk and start your machine)
  • Allows secure hiding of an entire operating system inside the free space of another operating system.
  • Strong 256bit AES encryption
  • USB-Token authentication at pre-boot level

 

DriveCrypt | Pre-boot | full disk | how does it works? | Hidden OS | Features and Benefits

DriveCrypt Plus Pack provides true real-time "on the fly" 256-bit disk encryption. Providing advanced FDE (Full disk encryption) as opposed to VDE (Virtual disk encryption) or "container" encryption, DriveCrypt is an important evolutionary step in the field of transparent data protection.

DriveCrypt allows you to secure your disk(s) (including removable media) with a powerful and proven encryption algorithm (AES-256) at the sector level, ensuring that only authorized users may access it. The encryption algorithm used by DriveCrypt is a trusted, validated algorithm chosen by the National Institute of Standards and Technology (NIST) and stated to be the cryptographic standard for years to come. AES-256 is a FIPS-approved symmetric encryption algorithm that may be used by U.S. Government organizations (and others) to protect sensitive information.

DriveCrypt file encryption software is automatic and completely transparent to the user. Not only does this decrease user involvement and training requirements, but also it creates the foundation for enforceable security. The careful integration of boot protection and automatic encryption provides a high degree of security with minimal impact on users. Boot protection prevents subversion of the operating system (via floppy boot-up, for example) or the introduction of rogue programs while sector by sector encryption makes it impossible to copy individual files for brute force attacks. DriveCrypt Windows encryption safeguards the operating system and the important system files (which often contain clues to passwords for Windows).

DriveCrypt is the fastest and most feature-rich real-time full disk encryption system available, Special care has been taken to render all cryptographic parts as invisible & transparent as possible.

▲ top

Pre-Boot Authentication

The user is authenticated by means of pre-boot authentication (PBA) before the system is started and therefore before the operating system is booted. This kind of authentication cannot be manipulated, PBA therefore guarantees maximum security. Neither keys nor passwords are stored on the PC's hard disk. All of the information required to boot the operating system is derived from the password. This makes the use of hard disk tools for analysing the hard disk completely ineffective. PBA in provided by a system call BootAuth and is a fully graphical login screen.

▲ top

Full disk Encryption

Automatic & transparent Full disk encryption (FDE) offers several key advantages relative to file encryption. FDE secures the system and temp files that often contain sensitive data but are missed by file encryption. Even removing the drive itself does not give access to any file or directory structure. FDE is performed sector by sector without creating temp or backup files. As a result, large files will decrypt without delay whereas file encryption is normally much slower. Whole disk encryption also avoids such time consuming tasks as secure deletes of temp files or work files in clear text, and obviates the need to do a full delete on disks to be discarded.

▲ top

How does it work?

As data is read from the hard disk, DriveCrypt automatically decrypts the data before it is loaded into memory. When data is written back to the hard disk, it is automatically re-encrypted. This process is completely transparent to the user or any application programs, the data is caught "on the fly" as it transfers back and forth between the hard disk and memory. Consequently, users don't need to remember to decrypt or re-encrypt their data, or change the normal operation of their PC. In addition, only individual sectors are decrypted at any one time, not the whole hard disk. Other products that claim to be "on the fly" decrypt an entire file and load it into memory, creating significant security risks. DriveCrypt is smarter and more secure because it decrypts only the specific sectors of a file that are in use. Unprotected data never resides on a DriveCrypt encrypted disk.

▲ top

Hidden Operating System:

DriveCrypt is the only disk encryption software on the market able to hide an entire operating system inside the free disk space of another operating system. You can practically define two passwords for your DriveCrypt encrypted disk: One password is for the visible operating system, the other for the invisible one. The first "fake" password gives you access to a pre-configured operating system (outer OS), while the other gives you access to your real working operating system. This functionality is extremely useful if you fear that someone may force you to provide the DriveCrypt password; in this case, you simply give away the first (fake) password so that your attacker will be able to boot your system, but only see the prepared information that you want him to find. The attacker will not be able to see any confidential and personal data and he will also not be able to understand that the machine is storing one more hidden operating system. On the other hand, if you enter your private password (for the invisible disk), your system will boot a different operating system (your working system) giving you the access to all your confidential data. The creation of a hidden operating system is not obligatory and as such, it is not possible for anyone who does not have the hidden OS password to know or find out if a hidden operating system exists or not.

▲ top

Features and Benefits

Some of the main features & benefits:

  • Boot protection
  • Pre-Boot authentication (BEFORE the machines boots, a password is requested to decrypt the disk and start your machine)
  • Allows secure hiding of an entire operating system inside the free space of another operating system.
  • Multiple OS boot support (Microsoft)
  • Invisible operating system (allows hiding the entire operating system
  • Full or partial hard disk encryption
  • Sector level protection
  • Complete power off protection i.e. unauthorised users are prohibited from starting up the PC
  • AES 256 bit encryption
  • No size limitation for encrypted disks
  • Manages an unlimited amount of encrypted disks simultaneously.
  • Allows steganography to hide data into pictures
  • Trojan and keyboard sniffer protection preventing passwords from being sniffed / captured (red screen modus).
  • Anti dictionary and brute-force attack mechanisms (due to the nature of DriveCrypt, it is the most difficult system to attack compared to anything else available.)
  • Encrypts almost any kind of media (hard disks, floppy disks, ZIP, JAZ, etc...)
  • Administrator/user specific rights
  • USB-Token authentication at pre-boot level (Aladdin R2 and Rainbow USB-Token)
  • Recovery disk for disaster recovery
  • Easy to install, deploy and use.
  • Completely transparent to the user

System Requirements:
DriveCrypt Enterprise currently works on Windows NT /2000 /2003 /XP and Vista (client and server versions)

Click Here For a Free Trial of DriveCrypt Enterprise

For more information on the features and benefits of DriveCrypt please see the Datasheet