-
8/9/2019 SEE 6.0 Technical Presentation
1/19
Symantec Endpoint Encryption 6.0
-
8/9/2019 SEE 6.0 Technical Presentation
2/19
Symantec Endpoint Encryption 2
Data is Pervasive and Portable: Desktops and Laptops
Computer hard drives
Removable storage devices, such as CDs or USB drivesRisk for
organizations:
Loss of data and associated expenses
Data at Risk puts your Business at Risk
The Problem with Data
-
8/9/2019 SEE 6.0 Technical Presentation
3/19
Symantec Endpoint Encryption 3
-
8/9/2019 SEE 6.0 Technical Presentation
4/19
Symantec Endpoint Encryption 4
Fast-growing, mobile work force
93M laptops, 2008 - 170M USB dev., 50% CAGR
Disclosure is mandatory, costs are gigantic USA: SB1386 36 State
laws, 5 Federal bills
Encryption is the only safe harbor
Growing notification requirements, penalties
FSA, BASEL-II, Data Protection Act (UK / EU), EUDirective
95/46/EC
SOX, HIPAA, GLBA
Average tangible cost per breach: ~$7.5 Million1/15th as
expensive to prevent
Market Drivers
StricterCompliance
Increased
Mobility
Cost ofDisclosure
-
8/9/2019 SEE 6.0 Technical Presentation
5/19
What is Endpoint Encryption and How itWorks
-
8/9/2019 SEE 6.0 Technical Presentation
6/19
Symantec Endpoint Encryption 6
Product Overview
Symantec Endpoint Encryption 6.0 provides advancedencryption for
desktops, laptops and removable storagedevices. It offers scalable
security and preventsunauthorized access to endpoints.
Symantec EndpointEncryption 6.0
Symantec Endpoint EncryptionFull Disk Edition
Symantec Endpoint EncryptionRemovable Storage Edition
-
8/9/2019 SEE 6.0 Technical Presentation
7/19Symantec Endpoint Encryption 7
Endpoint EncryptionBusiness Benefits
Reduce Risk Protect sensitive, proprietary or protected data
Prevent erosion of trust, brand, goodwill and image
Eliminate the legal liabilities of a data breach
Prove that no information has been lost
Save Money and Time
Reduce time and cost of privacy compliance
Eradicate the customer service costs of data
breachdisclosure
Use data security as a competitive advantage
Disclosure(SB1386)
RemediationCost
Legal Liability
Brand Erosion
-
8/9/2019 SEE 6.0 Technical Presentation
8/19Symantec Endpoint Encryption 8
Endpoint Encryption key Highlights
Pre-boot Protection
Centralized Management
Support for 3rd party Authentication
Seamless Key sharing
Secure user recovery
Enforceable policies
Extensive Reporting
Multiple encryption algorithms
-
8/9/2019 SEE 6.0 Technical Presentation
9/19Symantec Endpoint Encryption 9
Symantec Endpoint EncryptionFull Disk Edition
Full disk encryption
Encrypts all disk sectors
Supports standby and hibernation modes
Excellent performance
Mandatory pre-boot authentication
Hardened pre-boot operating system
Single Sign-on
Token support
Automatic recovery
-
8/9/2019 SEE 6.0 Technical Presentation
10/19Symantec Endpoint Encryption 10
Symantec Endpoint EncryptionFull Disk Edition - continued
Multiple user / administrator accts.
Supports multiple users
Password recovery
Two recovery methods
Self Service
Help Desk assisted
Automatic client reportingand audit trail
-
8/9/2019 SEE 6.0 Technical Presentation
11/19Symantec Endpoint Encryption 11
Transparent, policy-based fileencryption
Multiple devices/media
USB flash drives, USB harddrives, SD cards, CF cards,CDs/DVDs,
iPods, etc.
Portability
Password protected executableto decrypt even if you dont havethe
application
Self-extracting files
Symantec Endpoint EncryptionRemovable Storage Edition
http://www.sxc.hu/browse.phtml?f=download&id=658960
-
8/9/2019 SEE 6.0 Technical Presentation
12/19Symantec Endpoint Encryption 12
Monitoring and logging Policies
Activity
Kiosk Mode Operation
Flexibility
A personal key, groupkey, or key for entire
organization
Symantec Endpoint EncryptionRemovable Storage Edition -
continued
-
8/9/2019 SEE 6.0 Technical Presentation
13/19Symantec Endpoint Encryption
Removable StorageCD/DVD Burning
14
-
8/9/2019 SEE 6.0 Technical Presentation
14/19Symantec Endpoint Encryption
Architecture
15
ADAM
Reporting
Keys
ComputerState
ActiveDirectory
Polic ies Users, Computersand Groups/OUs
Adam
Unique Instance
Does not requireSchemaModification to AD
Allows forApplicationSpecific Needs
SupportsReplication
Active Directory
Authentication
User Identities
Group Policies
-
8/9/2019 SEE 6.0 Technical Presentation
15/19Symantec Endpoint Encryption
Active Directory (AD) Administrators
Overall AD administrators
Perform initial Management Console installation
Delegate control to specific Symantec Endpoint Encryption Policy
Administrators
Symantec Endpoint Encryption Policy Administrators
Create Client Setup (.msi) files and deploy to users
computers
Create and deploy policy updates to clients
Audit clients with Symantec Endpoint Encryption Client
Monitor
Establish Symantec Endpoint Encryption Client Administrators
Symantec Endpoint Encryption Client Administrators
Perform administrative tasks on clients
Unregister users
Extend a scheduled lockout condition
Initiate data recovery operations
Unlock a machine
16
Administrative Roles
-
8/9/2019 SEE 6.0 Technical Presentation
16/19Symantec Endpoint Encryption
Managed Through GPOs
17
Client Admin Accounts
Autologon Timeframe Immediate DecryptionOne-Time Password Off or
OnAuthenti-Check Off or On
Authenti-Check Questions Reporting IntervalADAM Client Account
Single Sign-On or Password PolicyMax Incorrect Password
Attempts
Registration Password & LogonAssistance Messages Decryption
Rights Required Network Access Time Limit Display Last User Name at
Logon
-
8/9/2019 SEE 6.0 Technical Presentation
17/19Symantec Endpoint Encryption 18
Additional Endpoint Protection
Results:
ReducedCost, Complexity &
Risk Exposure
IncreasedProtection, Control &
Manageability
Symantec EndpointProtection 11.0
Symantec NetworkAccess Control 11.0
AntiVirus
Antispyware
Firewall
IntrusionPrevention
Device Control
Network AccessControl
Single Agent, Single Console
-
8/9/2019 SEE 6.0 Technical Presentation
18/19Symantec Endpoint Encryption
Additional Data Loss Protection
-
8/9/2019 SEE 6.0 Technical Presentation
19/19
Thank You !
