Data Encryption Systems (DES) has released DESlock+ Enterprise Server.
The new DESlock+ Enterprise Server brings cloud-based management to endpoint encryption, allowing centralised control of encryption keys and policy beyond the perimeter of corporate networks. Companies will be able to extend encryption security policy to include home and mobile networks by allowing users to send updates on key management through the cloud, meaning data can be updated and accessed from anywhere. David Tomlinson, Managing Director for DES, comments:
“End-point encryption is mostly targeted at mobile workers using laptops and USB flash drives, as it allows users to protect their data even from remote locations, ensuring they are meeting data protection and compliance requirements at all times. However end-point encryption still often relies on users connecting to a corporate network to manage their encryption keys and software policy, which can cause an issue for users who are seldom in the office.
Previously DESlock+ Enterprise Server has allowed for management of endpoints via the internet, however setup and configuration through this method is complex, slow and expensive. By moving the deployment component into the cloud all connections from client and server become outgoing, making it easy and cost effective for any organisation to remotely manage endpoint encryption, meeting regulatory conditions and completing security audits along the way.”
Cloud-based management is a game-changing technology for software products with complex and variable configurations, anti-virus being an ideal example. Encryption, however, poses a different set of problems; most importantly not wanting to store encryption keys on an internet web-server. DES’s new patent-pending solution splits part of the Enterprise Server off, moving the deployment component into the cloud to create a Proxy Server. This Enterprise Proxy behaves in a similar way to an email server, with client updates synched out for collection by the end-user, and status responses synched back for collection by the Enterprise Server. With communications protected by SSL encryption, the data posted through the Enterprise Proxy is protected with 1024 bit RSA and 256 AES. Tomlinson explains:
“Our technology is genuinely revolutionary, and our patent pending status confirms this. No one else is doing this at the moment and it can transform the way key management is handled for remote workers. The Enterprise Proxy is hosted in a 3 tier data centre in London, but for anyone not wishing to use this service, it may be hosted on their own web-server, with their own ISP or even run on the same computer as the Enterprise Server. Our Enterprise Server and its Proxy component can therefore offer users the convenience and cost-benefits of a cloud-based management service, without the risks created by moving encryption keys and databases off-site. The DESlock+ Enterprise Server offers customers the ability to maintain control of remote stations and staff, as well as the advantage of simplistic deployment. Our new system changes the rules for managing endpoint encryption.”
To compliment DES’s new feature enhancements, the Enterprise Server management console has been significantly improved. Now browser-based and available to multiple users, it may be used by Administrators with full access to Encryption policy settings and encryption keys or help-desk users who are limited to user recovery and remotely resetting passwords, which allows more flexibility with day-to-day management. Other key features include:
• Web-Based User Interface – A multi-user interface available from most web browsers from any point on the network
• Internet Connection – Client updates and status responses are encrypted and transmitted over the web
• Licence Management – Multiple organisational units and group licences can be managed from a single interface
• Encryption Key Management – Keys may be added, removed or erased remotely, with updates targeting users and/or workstations
• Encryption Policy Management – The product facilitates the full remote control of software features and endpoint encryption policy
• Assured Security – DESlock+ is CESG CCTM accredited and FIPS 140-2 level 1 validated
This update coincides with DES’s move to a per-user licensing structure, which extends to users’ home PC’s at no extra cost. This means that staff using home computers for work may be supplied with a corporate install to be managed centrally as part of an enterprise-wide data security program. Tomlinson concludes:
“We have launched the Enterprise Server in response to the recent remote working phenomenon and are delighted that it provides a complete data protection solution that goes beyond the traditional corporate network. This is just part of an overall drive that DES has undertaken to move with business and provide solutions that meet the needs of mobile workers. We have also recently added 2 new features for the DESlock+ Standard Edition, including removable media encryption and portable encryption, as well as moving to a per user licensing structure, giving more flexibility to mobile workers at an unbeatable price. I believe it is with innovation such as this that DES will continue to lead the market for data protection and security.”