An attacker can gain physical access to computers containing sensitive data in a number of different ways, such as:
Physical access to a device enables an attacker to bypass a variety of different cybersecurity solutions. Endpoint encryption can make it infeasible for an attacker to steal sensitive data from a device in their possession or install malware on the device.
The underlying components of all endpoint encryption solutions are fairly similar. The encryption algorithms in common use today – such as the Advanced Encryption Standard (AES) and Rivest-Shamir-Adleman (RSA) – are publicly specified algorithms that anyone can use. These encryption algorithms are believed to be secure against attacks by modern computers.
The main difference between endpoint encryption systems is the level at which encryption is applied. The two main types of endpoint encryption systems are full-disk encryption and file encryption.
Full-disk encryption (FDE) takes a one-size-fits-all approach to encryption. The entire drive is encrypted using the same encryption algorithm, settings, and secret key. This secret key is stored on the device itself and is only accessible once a user has authenticated to the system.
Once a user has logged into the system, it is possible to decrypt all of the files and folders on the system. This makes it possible for the system to boot up and provides the user with full access to their files and folders, providing the best user experience.
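The following added example (not code from the original page or from any product it mentions) sketches how a single disk key can be stored on the device yet remain unusable until the user authenticates: the key is kept only in wrapped form under a passphrase-derived key. The function names, header layout, and iteration count are assumptions, and the HMAC-based wrap is a standard-library stand-in for the AES key wrapping a real FDE product would use.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed PBKDF2 work factor for this sketch

def _derive(passphrase: str, salt: bytes):
    """Stretch the passphrase into a masking key and a separate MAC key."""
    k = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS, dklen=64)
    return k[:32], k[32:]

def wrap_volume_key(volume_key: bytes, passphrase: str) -> dict:
    """Return the on-disk header: the volume key appears only in wrapped form."""
    if len(volume_key) != 32:
        raise ValueError("this sketch wraps exactly one 256-bit key")
    salt = os.urandom(16)  # fresh salt, so the pad is never reused
    enc_key, mac_key = _derive(passphrase, salt)
    pad = hmac.new(enc_key, b"wrap", hashlib.sha256).digest()
    wrapped = bytes(a ^ b for a, b in zip(volume_key, pad))
    tag = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    return {"salt": salt, "wrapped": wrapped, "tag": tag}

def unwrap_volume_key(header: dict, passphrase: str) -> bytes:
    """Release the volume key only if the passphrase verifies against the tag."""
    enc_key, mac_key = _derive(passphrase, header["salt"])
    expected = hmac.new(mac_key, header["salt"] + header["wrapped"],
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, header["tag"]):
        raise PermissionError("authentication failed: volume key stays locked")
    pad = hmac.new(enc_key, b"wrap", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(header["wrapped"], pad))

def change_passphrase(header: dict, old: str, new: str) -> dict:
    """Re-wrap the same volume key; the encrypted disk contents are untouched."""
    return wrap_volume_key(unwrap_volume_key(header, old), new)

if __name__ == "__main__":
    volume_key = os.urandom(32)  # constructed sample key
    header = wrap_volume_key(volume_key, "correct horse battery")
    print("unlocks:", unwrap_volume_key(header, "correct horse battery") == volume_key)
    try:
        unwrap_volume_key(header, "wrong guess")
    except PermissionError as err:
        print("rejected:", err)
```

Because one key covers the whole drive, anyone who passes this single check can read everything on it, which is the trade-off against per-file encryption.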
At the other extreme, some endpoint encryption systems provide the ability to perform encryption on a per-file basis. This enables a user to precisely define which files they want to encrypt and the details of how that encryption is performed.
This approach to data encryption has its benefits as well. With more granular control over which files are encrypted and how, a user can ensure that encryption is applied to the files that need it without wasting time and resources on files that do not require protection.
Endpoint encryption solutions – whether full-disk or file encryption – provide the ability to protect data stored on a device against physical threats. This provides a number of benefits, such as:
As remote work becomes more common, the endpoint is becoming a primary target of cybercriminals and a potential weak point in organizations’ cyber defenses. As devices move increasingly off-site, the potential for loss, theft, or other unauthorized access grows.
Endpoint encryption solutions help to ensure that only legitimate users have access to these devices and the potentially sensitive information that they contain. Check Point’s Harmony Endpoint offers full-disk encryption and the ability to encrypt removable media – such as USB drives – inserted into a protected system. This helps to ensure that the data stored on these devices is protected against physical threats.