Skip to Content

Endpoint Encryption

Securing a moving target

Your enterprise network’s endpoints are literally moving targets and, until they are secure against attack, your business intelligence, reputation and bottom line are at risk. Most experts agree that full-disk encryption (FDE) is the best approach to securing data at the endpoint. But the question remains: Which FDE solution is right for you?

Traditional third-party, software-based FDE solutions impose long installation times, compromise a computer’s overall system performance and still leave data vulnerable to attack. Hence, more and more enterprises are opting for self-encrypting drives (SEDs). An SED’s encryption key is created onboard the drive during manufacture and it never leaves the drive’s protected hardware boundary. This not only makes SEDs impervious to software attacks, it also improves system performance, while reducing the cost of ownership.

Meanwhile, as many enterprises phase SEDs into their laptop fleet, they can tap emerging software-based encryption solutions made more powerful through native integration with a computer’s operating system (OS). Such is the case of Microsoft BitLocker® encryption, which comes preloaded with select Windows® 7 operating systems. OS integration enables BitLocker to seamlessly support the use of widely available onboard hardware security, the Trusted Platform Module (TPM). Thus, BitLocker substantially enhances the protection of sensitive data until the enterprise can fully adopt the superior value that only SEDs can deliver.

The most comprehensive FDE management available: EMBASSY® software

No matter what FDE technologies you select, and, regardless of the pace you choose to upgrade them, you need a comprehensive, centralized encryption management platform that applies equally to them all.

You need Wave System’s EMBASSY® Remote Administration Server (ERAS).

In terms of time and money, purchasing SED-equipped laptops is the fastest, most effective route to securing data at your network’s endpoints. But even that process takes time, invariably leading to a variety of FDE technologies across your enterprise. ERAS software manages endpoint encryption equally well for software FDE solutions, integrated OS solutions such as BitLocker and all commercially available SEDs.  Therefore, it not only provides a long-term solution for centralized control of your network endpoints, it can also help you smoothly transition from one FDE solution to the next.




Microsoft, Windows, and BitLocker are either registered trademarks or trademark of the Microsoft group of companies.