Endpoint security management has become more complex and costly due to a number of factors – from increased worker mobility to the proliferation of threats – and has magnified the importance for protecting critical information on endpoint devices. According to Privacy Rights Clearinghouse, more than 2.5 million personal records have potentially been exposed to date in 2011.
Often businesses do not have the resources to keep up with the changing threat environment, and they get overwhelmed as threats continue to advance. While budget constraints or even lack of awareness, often prevents an organization from adopting data protection solutions, they should understand the potential impact of a data breach on their organization. According to Ponemon Institute, the average organizational cost of a data breach incident, which is continuing to rise, in the U.S. is $7.2 million per data breach and $214 per compromised record.
Dell understands organizations are overburdened with the need to deal with complex threats. It requires a comprehensive and flexible security solution from a trusted source. Dell believes that organizations of all sizes should view security as an integral component of their IT infrastructures to reduce risk and deliver business assurance to their stakeholders. To help businesses reach this goal, Dell has made significant investments and progress in adding endpoint security to its comprehensive collection of services and solutions.
At Dell, we believe in creating the best experience for end users and IT, helping IT to gain the control they need to secure and manage their environment, while enabling end users to stay more productive than ever. It is also vital to understand how end users are using technology and understand their needs.
Dell is continuing to build on its investment from last November with the introduction of Dell Data Protection | Encryption (DDPE), which was designed by Dell and co-developed with CREDANT. Today at Dell World, we are announcing an expansion of the portfolio to bring a new level of security to customers concerned about protecting data on endpoints and information that flows through system ports. It also allows IT to protect data based on users, user groups, data sensitivity and performance needs.
The new offerings provide organizations with more complete protection and a high level of security for their data at rest on endpoint devices. It is aimed at securing laptops and desktops and complements Dell’s Enterprise Mobility Services, as well as Dell SecureWorks, to give customers a full security solution for managing their IT assets.
Dell Data Protection | Encryption Enterprise Edition includes four key offerings: Data-Centric Encryption, Full Volume Encryption, External Media Edition and Microsoft BitLocker Manager.
Data-Centric Encryption provides intelligent software-based encryption for Microsoft Windows and external media in a single solution that is ideal for mixed-vendor environments. This includes:
- Easy deployment and integration into IT environments through support for existing processes like authentication and patching, and supports Dell and non-Dell Microsoft Windows systems
- Simplified compliance management and auditing through one touch-compliance templates, remote management and quick system recovery
- System and attached storage protection, covering external storage security with a single solution
- Flexible encryption based on end-user, data sensitivity and compliance needs
- Sales and support from Dell
Full Volume Encryption is a Dell-exclusive technology that works with select Dell Latitude laptops, OptiPlex desktops and Dell Precision workstations to deliver a high level of security that won’t slow performance down. This entails:
- Full-volume encryption, where all data is encrypted (including the master boot record), provides military-grade security with U.S. Federal Information Processing Standards (FIPS) 140-2 Level 3 certification. This is one of the highest levels of certifications commercially available for endpoint disk encryption solutions that will appeal to customers wanting extra assurance that their data is protected and end users to stay productive. The solution is ideal for government organizations.
- An optional Hardware Encryption Accelerator processes encryption activities resulting in fast overall performance. It operates similar to a self-encrypting drive so customers can get better performance than software-based encryption without the limitations of drive size. In essence, any standard drive can become a self-encrypting drive with the Hardware Encryption Accelerator.
- External media encryption that protects data flowing out of ports (optical, USB, 1394, eSata, Express card, etc.)
- Encryption keys are protected by Hardware Encryption Accelerator and TPM
- A single agent is deployed for both Data Centric Encryption and Full Volume Encryption.
External Media Edition closes security gaps for detachable storage if customers are already protecting the disk and it allows IT to set policies for encrypting external media. With this solution, there is a minimal impact on users while giving IT granular control of data protection. Specifically, External Media Edition enables IT to:
- Manage, encrypt and report on any type of USB and/or removable media including USB keys, 1394, eSata, optical, external hard drives, SD and XD
- Set policies, automatically update and report while dynamically enabling or disabling ports
- Create a common key for sharing across an organization or specifics groups to provide protection without hindering productivity, including creating passwords for trusted third-party access
- Allow users to retain unencrypted personal information such as family photos, while still ensuring new corporate information copied is encrypted
External Media Edition is included with Data Centric and Full Volume Encryption or offered as a standalone product.
Microsoft BitLocker Manager was developed to help customers who want to use Microsoft BitLocker Drive Encryption simplify the management and protection of endpoints. It provides extensive audit capability, while helping customers on their path to compliance. This allows for:
- Enterprise-level management with centralized reporting and auditing
- Centralized escrow of recovery keys/passwords and full control of all policies without using native AD tools
- Improved enforcement of users who are local admins
- Automated initialization and management of the TPM
Dell Data Protection | Encryption Personal Edition is designed for small business and organizations that don’t have centralized IT departments. As a locally managed version of Dell Data Protection | Encryption Enterprise Edition, it includes Data Centric Encryption and Full Volume Encryption for select Dell Precision Workstations, Latitude Laptops and OptiPlex Desktops. It also allows smaller IT organizations to set encryption policies on the local system, backup escrow keys and enable a password to ensure that policies are not changed.
All solutions within the Dell Data Protection | Encryption Enterprise Edition portfolio are manageable from a single console, allowing IT to administer numerous devices, protect critical data without end user intervention and get on a path towards compliance.
Data Centric Encryption, External Media Edition and Bitlocker Manager for Dell Data Protection | Encryption Enterprise Edition are available today. Dell Data Protection | Encryption Personal Edition with Data Centric Encryption will be available Oct. 18. Full Volume Encryption for Dell Data Protection | Encryption Personal and Enterprise Editions is expected to be available later this year.
We will continue to invest in helping our customers secure and manage their intellectual property and sensitive data by providing tools that allow them to improve their efficiency and focus more on achieving their business goals.