Managing Security and Compliance

10 years ago

One of the more common IT headaches in medium to large sized organizations is managing mixed environments. It’s not just different operating systems and software applications but also devices of various form factors, be it servers, desktops, laptops, tablets and ultra-portables, smartphones, etc.

Over the past decade, growth of BYOD and Cloud Computing has compounded the complexity. Mobile devices leave the enterprise network frequently but they still require access to IT resources. On the flip side IT would want to have control over what these devices can and cannot do outside the network. Cloud Computing extends the network well beyond physical confines of the organization. Cloud-based services and resources offered by the likes of Amazon and Rackspace have become an integral part of enterprise IT infrastructure. IT departments are constantly seeking methods and tools to optimize processes, reduce management costs and at the same time provide satisfactory levels of service.

The particular focus of this blog is typically data protection and more specifically security of data at rest. We believe the correct approach to achieving security in the most cost-effective manner across various platforms and devices is centralized management via a single console. Using this console administrators and others responsible for data security can define data security policies in a more generic manner first that is applicable regardless of software or hardware platform (e.g. enforce Full Disk Encryption on all endpoints). Once confident that the data security policies meet the compliance requirements, these policies would be customized for platform specific requirements. For instance Full Disk Encryption policy enforcement at the endpoint level for an organization with a diverse set of platforms could entail:

Hardware encryption for devices with Self-encrypting Drives (SEDs)
Software encryption for Windows desktops
BitLocker encryption for Surface Pro tablets
FileVault 2 encryption for Macs
KNOX container encryption for Samsung Smartphones
Native iOS encryption for iPhones and iPads
EBS Volume Encryption for Amazon EC2 Instances

This type of consolidation of management of data security into a single console that has the capability to push consistent compliance requirements down to all supported platforms has significant TCO advantages. Duplication of effort is minimized, scaling the implementation is easier, monitoring and auditing is uniform and centralized. As business needs and compliance requirements change, it would be easy to rollout those changes across the enterprise.

Check out SecureDoc Enterprise on our website to learn more about the benefits of centralized management of data security via a single console.

Garry McCracken https://winmagic.com

Garry, a CISSP, has more than 30 years of experience in data communications and information security. He has contributed to the development of WinMagic's full-disk encryption solutions for desktops, laptops, and other mobile devices. When he is not saving the world of data encryption, he takes off his cape to relax and enjoy life at the cottage. Garry writes from a position of technical expertise since we first started SecureSpeak, making him the longest running blogger at WinMagic.

Put On Your Thinking Cap

Data Security Goes Beyond Encryption

Tackling the Caesars and MGM Hacks with Secure Authentication Fallback

Early September 2023, two of the world’s largest casino hotel companies — MGM Resorts and Caesars — were struck by…

October 3, 2023

Thi Nguyen-Huu

Why Relying on Phones for Online Authentication Is a Bad Idea

In 2022, the US Government released memorandum M-22-09 addressing the requirements for achieving zero-trust security. This introduction has sparked a…

September 18, 2023

Garry McCracken