Review: SecureDoc

By on
Review: SecureDoc

SecureDoc is a competent full disk encryptor that uses the AES algorithm and SHA-2 hashing. It works with a token to which the user can save the key file, rather than saving it on the computer. This adds significant extra security – if the user does not store the USB token in their laptop case. The product also supports basic password security and quite a wide range of third-party pre-boot authentication products.

SecureDoc is FIPS 140-1 level 2 compliant and has been certified to the Common Criteria (ISO 15408) to EAL 2. This says the product performs as represented, but is not as rigorous as higher EALs. For example, it is common in the firewall industry to be certified to EAL 3 or 4.

There is a Forteza-based version of the product that is certified by the National Security Agency for use on material classified ‘secret’.

We found the product installed easily unless the token was being installed, when the documentation failed us and we found the installation challenging. Uninstall can’t be performed without decrypting the disk. We would have expected that step to be part of the uninstall.

In addition, organizations deploying SecureDoc will need to spend a bit of time pre-planning. While this always is a good practice, it is essential here. Enterprise management requires the use of WinMagic’s SecureDoc Enterprise Server.

Because there is no single administrator password, and thus no way to compromise the enterprise simply by knowing an admin password, key management is critical. Each computer is encrypted with a different key and that key is stored centrally for use by the administrator. This is more secure than the single admin password approach to enterprise administration.

We would have selected this as a Best Buy or Recommended product were it not for failings in the documentation and difficulties in contacting support (we never got past the voicemail). However, despite that, we recommend SecureDoc for its robust security and its unique encryption approach. And at this price, it is a good value.

For: Strong encryption architecture with robust security. Extensively certified.
Against: Documentation and support weak. Can be complex to install. Requires an additional server for enterprise management.
Verdict: A robust, creative approach, using standard algorithms and well certified. Can be tricky to install and the support and documentation are limited. Expect to become locally self-sufficient for support.


Most Read Articles

Log In

|  Forgot your password?