You may already know that enabling full disk encryption (FDE) for your fleet of user systems can prevent a future disaster. But for those who need some convincing, here are five reasons to require FDE.
When every hard drive on every system at your office has data at rest encryption enabled, your security posture is stronger. A stolen laptop is no longer an existential security threat. The data simply won’t be accessible to the thief without another vector of attack (e.g. stolen credentials).
This is IT at its best: containing a broad, physical threat with a systematic, IT-based solution.
Any user who has ever used FileVault or BitLocker knows that it’s simple to enable FDE on their machine. In fact, it takes mere seconds to enable FDE on most systems. The challenge for most IT organizations is making enabling FDE automated and an auditable process. It must also be foolproof, which means having a securely escrowed recovery key. In order to check all of these boxes and to effectively require FDE at the scale of an enterprise or even an SMB, a solution must automate FDE enablement for both Mac and Windows systems, regardless of the number. These tools make full disk encryption simple: again, it can take just seconds to enable FDE on a system, or to enable it on every system.
While there are a couple of different solutions for FDE management out there, some make it more simple than others. If you have a heterogeneous environment and would like one tool that can manage both Windows® and Mac® systems, then we recommend you include our solution (JumpCloud® Directory-as-a-Service®) in your evaluation process. Learn more about requiring FDE with JumpCloud here.
#3 Minimal Downside
Every action has a possible negative consequence. This is notoriously true with IT security measures. Take MFA, for example: great for security, inconvenient for users. FDE has a couple of downsides, but they’re minor ones.
The biggest inconvenience with FDE is that it makes booting up the machine slightly slower. Obviously, nobody enjoys (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Nick Scheidies. Read the original post at: https://jumpcloud.com/blog/reasons-require-full-disk-encryption/