iTnews
  • Home
  • Features
  • Technology
  • Security

Review: Encryption Plus Hard Disk

By Geoff Marshall on Nov 1, 2003 12:00AM

Encryption Plus Hard Disk encrypts entire hard disks or selected partitions. Encryption of the OS files is optional. It also offers pre-boot authentication whether or not the operating system files are encrypted.

Encryption Plus Hard Disk encrypts entire hard disks or selected partitions. Encryption of the OS files is optional. It also offers pre-boot authentication whether or not the operating system files are encrypted.

This effectively prevents unauthorized use of the computer. Supported operating systems include Windows NT/2000/ XP. A version is available that is certified against the Common Criteria at Evaluation Assurance Level 1.

A username and password must be entered before access is granted to encrypted drives and partitions that may be available to that user. This login is required before the Windows login screen appears and it is optional to enable single sign-on, which automatically completes the Windows login using the users Windows credentials (which Encryption Plus stores in an encrypted file). Any file created or placed on an encrypted drive is automatically encrypted.

The administrator can optionally prevent a user from permanently decrypting drives that have been encrypted. Only local hard disks can be encrypted - not network drives.

Key recovery is provided in three ways. A hierarchy of users and 'corporate' and 'local' administrators means that administrators can access all user files encrypted by lower-level users. Secondly, the helpdesk can generate one-time passwords based on a challenge-response system. Finally, there is AuthentiCheck, which is very popular with users and helpdesks alike because it automates password recovery by enabling the user to define three questions and answers, which can be quite long and complicated if desired. When a user forgets his password, he is asked these three questions by the computer and must answer them exactly as he pre-defined them to recover it.

Encryption Plus Hard Disk is easy to deploy, as the administrator can create install disks, which may be distributed to users so they can install the administrator's pre-defined configuration.

Passwords can be up to 24 characters and strong password policies can be enforced. Although the bulk data encryption is based on the 256-bit AES secret-key algorithm, Encryption Plus also uses RSA public-key technology to encrypt the AES encryption key using the username and password.

For:

Good automated secure password-recovery minimizes helpdesk load. 


Against:

Does not encrypt files for transmission by email, on removable media, or stored on network drives


Verdict:

A good pre-boot authentication and disk encryption program with all the administration, deployment, and recovery features demanded by enterprise customers.

Got a news tip for our journalists? Share it with us anonymously here.
Tags:
diskencryptiongrouphardplussecuritytest

Partner Content

The Great Resignation has intensified insider security threats
Promoted Content The Great Resignation has intensified insider security threats
Why Genworth Australia embraced low-code software development
Promoted Content Why Genworth Australia embraced low-code software development
Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations
How to turn digital complexity into competitive advantage
Promoted Content How to turn digital complexity into competitive advantage

Sponsored Whitepapers

Free eBook: Digital Transformation 101 – for banks
Free eBook: Digital Transformation 101 – for banks
Why financial services need to tackle their Middle Office
Why financial services need to tackle their Middle Office
Learn: The latest way to transfer files between customers
Learn: The latest way to transfer files between customers
Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see

Events

  • Forrester Technology & Innovation Asia Pacific 2022
By Geoff Marshall
Nov 1 2003
12:00AM
0 Comments

Related Articles

  • Post-quantum cryptography algorithms named
  • OpenSSL fixes remote code execution bug
  • HTTP/3 becomes a standard, at last
  • Google open sources data centre scale encryption
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Telstra deregisters 900MHz sites “hindering” Optus 5G rollout

Telstra deregisters 900MHz sites “hindering” Optus 5G rollout
Aussie Broadband nears end of NBN PoI fibre rollout

Aussie Broadband nears end of NBN PoI fibre rollout
Australian court finds insurer not liable for ransomware clean-up costs

Australian court finds insurer not liable for ransomware clean-up costs
Defence, DEWR drop $160m on Microsoft software, Azure

Defence, DEWR drop $160m on Microsoft software, Azure

Digital Nation

Criteo to fork out $94.7m for consent breaches
Criteo to fork out $94.7m for consent breaches
Australia will lose 11 percent of jobs to automation by 2040: Forrester
Australia will lose 11 percent of jobs to automation by 2040: Forrester
COVER STORY: How KPMG, Mirvac and ASX use blockchain to build trust in the property sector
COVER STORY: How KPMG, Mirvac and ASX use blockchain to build trust in the property sector
Domino’s invests in observability for zero contact delivery
Domino’s invests in observability for zero contact delivery
Megatrends shaping the next 20 years: CSIRO
Megatrends shaping the next 20 years: CSIRO
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.