Randtronics Logo

End-point-device, data encryption

Encrypting data when device is idle and in-use

Full-disk and volume encryption protects data if device is physically lost, but does nothing to protect data once a valid user has logged-on and encryption is essentially bypassed.

End-point encryption

Many organizations use full-disk and volume encryption products to protect the data content of end-point devices in the event that the device is lost or stolen.

However, in today’s work-from-anywhere world, the risk of physical loss is out-shadowed by the significantly greater vulnerabilities that occur whilst the device is being used by its legitimate owner in on-line activities such as banking, accessing membership details, purchasing products, paying bills etc.  

Public Wi-Fi networks, unmonitored Bluetooth connections, browser connection to compromised websites can all present opportunities for hackers to gain access to end-point devices after the point where full-disk or volume encryption provide no protection, that is  encryption has been bypassed.

Randtronics DPM easyCipher provides agent-based, file/folder level transparent data encryption (TDE) that allows sensitive files and folders on end-devices to be protected whilst in use:

Data is protected at all times from:

  • other users on the machine including OS system administrators
  • from non-whitelisted applications
 

And by policy,  additional restrictions can be placed on the users access to protected files/folders.  Sensitive data folders can be temporarily locked whilst working on unsecured networks and unlocked on demand.

Data protection for end-point device

Full-disk and volume encryption helps address the risk of physical compromise (when a device is lost or stolen) of end-point device contents — but offers nothing to  guard against data compromise during everyday use on unsecured networks. 

Randtronics DPM easyCipher can work alongside full-disk or volume-encryption to protect end-point-device data whilst the machine is in-use.

Randtronics DPM easyCipher

DPM easyCipher provides transparent data encryption for databases, web/app servers, file servers, NAS storage and end-devices.

Data policies and encryption keys are managed centrally providing enterprise-wide control of sensitive data.

DPM agent installed on end-point-device mediates all access to secured folders and prevents access from any non-whitelisted user or application.

DPM easyCipher co-resides and adds privacy control depth without complications alongside full-disk or volume-encryption such as Microsoft Bitlocker.  DPM easyCipher when used with Microsoft Bitlocker can provide an added layer of protection against unauthorized access to sensitive information, even if an attacker gains access to the device or volume.

DPM easyCipher end-point device TDE

Learn More

Download presentation on using DPM TDE to complement Bitlocker protection on Laptops

Latest news and articles

Goodbye, Tina Turner

Sad news this week that the Queen of Rock ‘n’ Roll has exited the stage. Many of us at the Randtronics team grew up hearing

Read More

Our Customers

Letter from the CEO

Rantronics Logo

Thank you for visiting the Randtronics website.

We make enterprise encryption easy.

Smart businesses already know that only encryption can reduce the attack surface and stop the hackers from stealing their sensitive data. A company that only uses encryption is more secure than a company with all other cyber security measures. Privacy standards such as PCI DSS, HIPAA, and GDPR are all mandating in law the protection of the citizen’s personal data. Fines for breaches are huge. You won’t get fined if your firewall is hacked. You won’t get fined if you suffer a virus or ransomware attack. You WILL get fined if you lose ANY personal data pertaining to ANY citizen. The lowest common denominator is the DATA. Data that is “Encrypted” is out of the scope of the Law.

Whilst all understand the need to protect sensitive data holistically (such as NIST Cyber Security Framework or 12 prescriptive PCI DSS guidelines) their cyber security priorities are misguided to say easy aspects and not addressing “what happens” when these fail? Encryption of data is the only direct protection measure that renders data unreadable compared to upgrading firewalls or virus and malware, IPS, log monitoring, etc. I am saying you need all methods but unless you have implemented enterprise grade encryption you are still unprotected like driving a car without “seatbelts”. “Enterprise grade encryption” as a cyber measure is the “seat belt” that saves lives in car accidents. Industry experts predict a relentless continuation of data breaches this year and penetration testing have proven perimeter defense is easily penetrable.

Randtronics has taken the challenge to make encryption easy and is innovating in many areas. We have already reduced deployment effort to days, use familiar standard components so that less skilled people can deploy and maintain systems.
I welcome discussions via email or phone as through your feedback we will be challenged to continue to innovate to the point where businesses and users do not need to be intimidated when using encryption as the worlds most powerful tool to protect their sensitive data.

Experts predict data breaches will continue at relentless pace, let Randtronics secure your business with “Enterprise grade ubiquitous encryption technology”. Time is of the essence. Why not be pro-active? I invite you to let Randtronics and its global distributors and resellers assess and assist your business directly.

Yours sincerely,
Bob K Adhar, BE, MBA, CISSP
Founder and CEO