How to Improve your Security Posture with Full Disk Encryption

How to Improve your Security Posture with Full Disk Encryption

Choosing to enforce full disk encryption (FDE) could be one of the smartest decisions an IT organization makes. Below, we’ll explain how to make full disk encryption part of your security policy and how to do it easily with a cloud-based FDE management solution.

Why FDE Should Be Mandatory

FDE Mac Windows

FDE is a mission-critical initiative because your data is the lifeblood of your organization. Your Mac® and Windows® devices likely contain sensitive information on their hard drives. In the event that a device with an unencrypted drive is lost or stolen, there’s no way to stop a thief from accessing the information stored on it. This is true regardless of whether the thief has the password for the system. Savvy hackers can bypass the need for credentials and access an unencrypted drive without breaking a sweat.

Here are the top five reasons to require FDE.

How to Enable Full Disk Encryption

FDE for Mac and Windows machinesEnabling FDE on an individual system is simple. Windows and macOS both offer native apps for FDE with BitLocker and FileVault 2, respectively. While, enabling FDE manually might be simple to do on your personal system, it’s a little more complicated when deployed across an organization. For starters, simply deploying it can be a pain. You can ask users to do it themselves, but there’s no way to tell if they actually did. And what happens when they’ve locked themselves out of their system? Do you have the recovery key? In order to make FDE part of your security policy, you should consider a system management provider that can enable FDE to your entire fleet in just a few clicks, mandate that it be enabled by users and securely escrow their recovery keys.

How to Make FDE Part of Your Security Policy

If you’re currently using Active Directory® (AD), there are group policy settings available that backup recovery keys to AD. If your not using AD, this will be a manual process, or you’ll need a 3rd party tool to manage process.

While there’s not a tool native to Macs to manage FDE, there are a variety (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Nick Scheidies. Read the original post at: https://jumpcloud.com/blog/fde-security-policy/

Nick Scheidies

Nick Scheidies is a life-long of computer technology since he could first use a mouse and keyboard. In his role as Content Marketing Manager at JumpCloud, Nick has specialized in learning about identity security and cloud-based infrastructure for IT organizations.

nick has 23 posts and counting.See all posts by nick