The difficulty with file encryption is that users fail to remember to use it. A new server-based system from Applied Security asserts it can eliminate that impediment by handing the decision to encrypt data back to concerned administrators.
The company’s newly-launched fideAS file enterprise software may be used to encrypt data in files or folders on PCs, laptops, or even servers. Integrating with a Microsoft Active Directory for uncomplicated management, the advance is that none of this involves the user of that device making any choice for or against using such a security system. It is done transparently according to policies on which data needs to be secured.
The key distribution element can be given to users on smartcards or as tokens on plain USB drives. For additional security, the role of the system admin and the security admin is separated, guaranteeing that no one entity has overall access to the keys in a way that could be used to weaken the system.
The software has a small number of other facets that might prove useful. It can impose a level of endpoint control, for instance, stopping unauthorised hard disks or USB sticks from being plugged in to remove unencrypted data, and the automatic encryption of email attachments.
A separate free add-on tool for PCs, fideAS file safe, can be used for simple desktop encryption up to AES-256 level, together with that of outgoing email attachments.
One possible advantage of Applied Security’s approach to encryption is that it can secure ‘feral’ clients such as laptops, which are characteristically away from the safety of the network nearly all of the time, without having to get into the major headaches associated with full disk encryption (FDE) systems.