What Endpoint Encryption Defends Against
An attacker can gain physical access to computers containing sensitive data in a number of different ways, such as:
- Lost/Stolen Devices: As remote work and the use of mobile devices become more common, the threat of lost and stolen devices grows. If a device is lost on the subway or swiped from a coffee shop table, an attacker with physical access to the device may try to read the data stored on the device.
- Discarded Devices: Companies and individuals discard devices containing potentially sensitive information all of the time. In some cases, cyber threat actors collect these secondhand devices and attempt to read the data that they contain, which may reveal corporate data or customers’ personal information.
- “Evil Maid” Attacks: “Evil maid” attacks describe the threat of an attacker gaining physical access to a device left in a hotel room, company office, etc. Under these circumstances, the attacker may be able to read data or install malware on the device.
Physical access to a device enables an attacker to bypass a variety of different cybersecurity solutions. Endpoint encryption can make it infeasible for an attacker to steal sensitive data from a device in their possession or install malware on the device.
How Endpoint Encryption Works
The underlying components of all endpoint encryption solutions are fairly similar. The encryption algorithms in common use today – such as the Advanced Encryption Standard (AES) and Rivest-Shamir-Adleman (RSA) – are public protocols that anyone can use. These encryption algorithms are believed to be secure against attacks by modern computers.
The main difference between endpoint encryption systems is the level at which encryption is applied. The two main types of endpoint encryption systems are full-disk encryption and file encryption.
Full-disk encryption (FDE) takes a one-size fits all approach to encryption. The entire drive is encrypted using the same encryption algorithm, settings, and secret key. This secret key is stored on the device itself and is only accessible once a user has authenticated to the system.
Once a user has logged into the system, it is possible to decrypt all of the files and folders on the system. This makes it possible for the system to boot up and provides the user with full access to their files and folders, providing the best user experience.
At the other extreme, some endpoint encryption systems provide the ability to perform encryption on a per-file basis. This enables a user to precisely define which files they want to encrypt and the details of how that encryption is performed.
This approach to data encryption has its benefits as well. With more granular control over which and how files are encrypted, a user can make decisions that ensure that encryption is applied to the files that need it without wasting time and resources on files that do not require protection.
Securing Endpoints with Endpoint Encryption
As remote work becomes more common, the endpoint is becoming a primary target of cybercriminals and a potential weak point in organizations’ cyber defenses. As devices move increasingly off-site, the potential for loss, theft, or other unauthorized access grows.
Endpoint encryption solutions help to ensure that only legitimate users have access to these devices and the potentially sensitive information that they contain. Check Point’s Harmony Endpoint offers full-disk encryption and the ability to encrypt removable media – such as USB drives – inserted into a protected system. This helps to ensure that the data stored on these devices is protected against physical threats.
To learn more about the capabilities of Harmony Endpoint, check out the Harmony Endpoint product page. You’re also welcome to request a free demo to see Harmony Endpoint in action.
Feedback