Full-disk and volume encryption protects data if device is physically lost, but does nothing to protect data once a valid user has logged-on and encryption is essentially bypassed.
Many organizations use full-disk and volume encryption products to protect the data content of end-point devices in the event that the device is lost or stolen.
However, in today’s work-from-anywhere world, the risk of physical loss is out-shadowed by the significantly greater vulnerabilities that occur whilst the device is being used by its legitimate owner in on-line activities such as banking, accessing membership details, purchasing products, paying bills etc.
Public Wi-Fi networks, unmonitored Bluetooth connections, browser connection to compromised websites can all present opportunities for hackers to gain access to end-point devices after the point where full-disk or volume encryption provide no protection, that is encryption has been bypassed.
Randtronics DPM easyCipher provides agent-based, file/folder level transparent data encryption (TDE) that allows sensitive files and folders on end-devices to be protected whilst in use.