PBConnex: Full-disk encryption with pre-boot networking
WinMagic launched SecureDoc with PBConnex, a full-disk encryption solution with pre-boot networking.
PBConnex, an extension to SecureDoc, fully integrates network support within the pre-boot environment to make it significantly simpler to authenticate users, enforce access controls and manage end-point devices prior to the operating system loading – eliminating the user, deployment and system management headaches previously associated with endpoint encryption.
PBConnex authenticates users and encrypted devices against Microsoft’s Active Directory (AD) and the SecureDoc Enterprise Server (SES) in the pre-boot environment – before the key to decrypt and load the operating system is available.
This eliminates the need to replicate user access credentials onto devices and also, if previously required, the need to set up separate password reset mechanisms for other full-disk encryption solutions – making it just as easy for users to access a network from an encrypted device as an unencrypted device.
Other full-disk encryption solutions necessitate that administrators must either manually add/remove access for each individual user for each device or enable autoboot, which leaves user passwords vulnerable if the device is taken outside of a security zone.
With SecureDoc and PBConnex, all authorized users can simply enter their password to log on to an authorized device at pre-boot without any additional replication being necessary.
Prior to the launch of PBConnex, when resetting a password a user had to go through a lengthy password reset procedure, and then may have had to enter the new password multiple times during system logon. With SecureDoc and PBConnex, this process is no longer required as passwords are reset directly in AD – greatly simplifying the life of administrators and users by making it easy to instantly log on to new systems.
With SecureDoc and PBConnex a system administrator can securely roll-out new software without exposing the device, as the system will instantly recognize if the device is removed from the secure zone during boot time and deny access to it.