Hard Disk & Email Encryption
Hard Disk Encryption
Full-disk encryption (FDE) is encryption at the hardware level. FDE works by automatically converting data on a hard drive into a form that cannot be understood by anyone who doesn’t have the key to “undo” the conversion. Without the proper authentication key, even if the hard drive is removed and placed in another machine, the data remains inaccessible. FDE can be installed on a computing device at the time of manufacturing or it can be added later on by installing a special software driver.
The advantage of FDE is that it requires no special attention on the part of the end user after he initially unlocks the computer. As data is written, it is automatically encrypted. When it is read, it is automatically decrypted.
FDE is especially useful for laptops and other small computing devices that can be physically lost or stolen. Because one key is used to encrypt the entire hard drive, FDE on the corporate level requires the network administrator to enforce a strong password policy and provide an encryption key backup process in case an employee forgets his password or leaves the company unexpectedly.
Our enterprise grade solution provides true real-time "on the fly" 256-bit disk encryption. Providing advanced FDE (Full disk encryption) as opposed to VDE (Virtual disk encryption) or "container" encryption and is an important evolutionary step in the field of transparent data protection.
Our solution is also the only disk encryption software on the market able to hide an entire operating system inside the free disk space of another operating system. You can practically define two passwords for your encrypted disk: One password is for the visible operating system, the other for the invisible one. The first "fake" password gives you access to a pre-configured operating system (outer OS), while the other gives you access to your real working operating system. This functionality is extremely useful if you fear that someone may force you to provide the decrypt password; in this case, you simply give away the first (fake) password so that your attacker will be able to boot your system, but only see the prepared information that you want him to find. The attacker will not be able to see any confidential and personal data and he will also not be able to understand that the machine is storing one more hidden operating system. On the other hand, if you enter your private password (for the invisible disk), your system will boot a different operating system (your working system) giving you the access to all your confidential data. The creation of a hidden operating system is not obligatory and as such, it is not possible for anyone who does not have the hidden OS password to know or find out if a hidden operating system exists or not.
Some of the main features & benefits:
- Boot protection
- Pre-Boot authentication: Login before starting the operating system
- Multiple OS boot support (Microsoft)
- Invisible operating system (allows hiding the entire operating system
- Full or partial hard disk encryption
- Sector level protection
- Complete "power off" protection i.e. unauthorised users are prohibited from starting up the PC
- AES 256 bit encryption
- No size limitation for encrypted disks
- Manages an unlimited amount of encrypted disks simultaneously.
- Allows steganography to hide data into pictures
- Trojan and keyboard sniffer protection preventing passwords from being sniffed / captured (red screen modus).
- Anti-dictionary and brute-force attack mechanisms (due to the nature of DCPP, it is the most difficult system to attack Compared to anything else available.)
- Encrypts almost any kind of media (hard disks, floppy disks, ZIP, JAZ, etc...)
- Administrator /user specific rights
- USB-Token authentication at pre-boot level (Aladdin R2 and Rainbow USB-Token)
- Facility to validate the integrity of the encryption method.
- Recovery disk for "disaster recovery"
- Easy to install, deploy and use.
- Completely transparent to the user
- Minimal administration and user training.
Securing sensitive personal information for customers, partners and employees isn’t just a best practice — it’s often the law. Compliance with regulations is a priority for healthcare, financial services and government organizations; it may also need to be a priority for your organization. Even if your organization doesn’t fall directly under those industries, doesn’t mean you’re in the clear.
In the current enterprise environment, email can be considered crucial for the business to flourish. While these emails are the back bone of corporate communication, that mostly contain exchanges of confidential proprietary information between trusted parties. Companies fail to comprehend the threats they can face on the internet and how these emails can easily be the source of an information leak.
While you have industry standard perimeter IT security in place, there is no way you can keep track and protect email communications that have left the organization’s secure perimeter unless you have a proper email encryption solution.
It is also important to note that you should sign or encrypt all of your messages, not just the confidential or sensitive ones. If you only encrypt a single email message because it contains your credit card information and an attacker is intercepting your email traffic they will see that 99% of your email is unencrypted plain-text, and one message is encrypted. That is like attaching a bright red neon sign that says "Hack Me" to the message.
If you encrypt all of your messages, it would be a much more daunting task for even a dedicated attacker to sift through. After investing the time and effort into decrypting 50 messages that just say "Go ahead" or "Lets confirm on the schedule?" or "Yes, I agree" the attacker will most likely not waste any more time on your email.
And we have the right solution that can ensure all your incoming/outgoing emails are encrypted at the gateway level, ensuring that all your email communications are secure and confidential.
Encrypted email can be sent to anyone and the encryption does not require a separate server. Neither the sender nor the recipient of the email needs to install any software. The first email acts as a 'handshake' which establishes the use of encryption between two parties.
Our solution is also available as a physical or virtual appliance allowing fexibility on how each organization wants to deploy it as and includes the following core features:
- Anti-Spam Technology
- Anti-Virus Technology
- 256 bit AES encryption for email
- Microsoft Outlook integration
- Active Directory integration