Endpoint Media Encryption

The Check Point Media Encryption Software Blade provides centrally-enforceable encryption of removable storage media such as USB flash drives, backup hard drives, CDs and DVDs, for maximum data protection. Educating users on when to share and not share corporate data via UserCheck prevents future data sharing mistakes. Port control enables management of all endpoint ports, plus centralized logging of port activity for auditing and compliance.

Benefits

Comprehensive data protection and control for endpoint removable media

  • Encrypt data stored on removable devices; track and manage removable devices individually
  • Automatic transparent encryption for DVDs and CDs burned with endpoint PCs
  • Allow secure mix of personal data and encrypted business data
  • Actively engages and educates users for Media Encryption policies for business continuity

Maximize operational efficiency with industry-leading performance

  • Fast initial and recurring scan times
  • Minimal memory usage

Easy-to-use, transparent centralized management from a single console

  • Central policy enforcement of removable media and port usage policies
  • Central log of media usage and data movement for compliance, forensic analysis

Confidentiality is absolutely essential in our business—our clients and applicants depend on it. With the Check Point solutions, the security is always on and data encrypted on the fly, keeping confidential records safe.

Graham Taylor

Head of IT Security

Michael Page International


more

Features

Set Encryption from Centralized Security Management

The centralized endpoint security manager allows administrators to set and enforce encryption policy for removable media and devices using algorithms such as AES 256-bit, for maximum data protection. Unique to Check Point, users can securely access encrypted media from unmanaged computers, with no client installation.

Device Access Settings

The device access settings control access to removable media, devices and ports. Devices can be defined at a granular level by type, brand, size or ID, for maximum data protection. Access to endpoint ports such as USB, FireWire, Bluetooth, WiFi, printer, etc., can be centrally managed.

Removable Media Enforcement

Removable media enforcement maximizes data security by placing a unique digital signature on each encrypted device, informing the user of any unauthorized changes made to stored information. Should any changes be detected, the device will need to be re-authorized before it can be used in the protected environment again.

Granular Control of Data

Use Check Point UserCheck™ to actively engage and educate users as they access portable media to identify potential policy incidents as they occur and remediate them immediately.

Engage and Educate Users with Integrated Check Point UserCheck

Use Check Point UserCheck™ to actively engage and educate users as they access portable media to identify potential policy incidents as they occur and remediate them immediately.

Logging and Alerts

Administrators can store device activity and file movement logs to a central database, enabling centralized auditing and reporting for easy compliance. Email alerts can be configured to notify administrators about specific events.

Central Management

The Media Encryption Software Blade is centrally managed by the Endpoint Policy Management Software Blade, enabling central policy administration, enforcement and logging from a single, user-friendly console. Centralized management offers unmatched leverage and control of security policies and multiple deployment options offer easy installation and minimize user impact, for a reduced overall cost of operations.

Integrated into Check Point Software Blade Architecture

The Media Encryption Software Blade is integrated into the Software Blade Architecture. Endpoint Security Software Blades from Check Point bring unprecedented flexibility, control and efficiency to the management and deployment of endpoint security. Choose from six Software Blades to deploy only the protection you need, with the freedom to increase security at any time from a single central management console.


Learn More

Specifications

Client Platform Support
Operating SystemsWindows 8 Enterprise and Professional editions 32/64-bit
Windows 7 Enterprise, Professional, Ultimate editions 32/64-bit and SP1
Windows Vista 32/64-bit
Windows XP Pro (32-bit, SP3 and later)
Mac 10.7/10.8/10.9
CD/DVD Burning Application Integration
ApplicationsWindows CD/DVD wizard Nero 9 Multimedia Software
Client Language Support
LanguagesEnglish
Japanese
French
Italian
German
Chinese (simplified)
Spanish
Russian
Certifications
Media Encryption CertificatesCommon Criteria EAL4, FIPS 140-2, CCTM CESG
Ports Controlled
Port TypesUSB, WiFi, Fire Wire, IDE, Bluetooth, PS/2, PCMCIA, SATA, IrDA and SCSI
Devices Controlled
Device TypesUSB flash drives, floppy drives, external hard drives, tape drives, Windows Mobile Smartphones, PDAs, imaging devices, scanners, iPhones, Blackberrys, modems, other network access devices, iPods, other digital music devices, printers, CD/DVD drives, keyboard, mouse, digital cameras, wireless network interface cards, biometric devices and smart cardreaders
Management Platform
See Endpoint Policy Management Software Blade