18 January 2017
Today, Symantec releases an updated version of Symantec Endpoint Encryption (v11.1.2) that helps customers encrypt a broader range of devices and operating systems, extends the functionality for managing Windows devices using BitLocker and simplifies the way IT administrators and help desk staff can support their users.
Endpoint encryption is a fundamental technology to ensure that information contained on computing devices is protected, should that device be lost or stolen. As organisations use an increasing range and variety of devices (tablets, laptops, removable media drives, opal-compliant self-encrypting drives etc.), being able to protect and manage these with one technology solution offers efficiency advantages. Windows and Apple computers are now provided with native encryption technology (BitLocker and FileVault 2) but their protection is limited to their respective operating systems.
Symantec Endpoint Encryption v11.1.2 protects, not only a wide range of devices, but also provides a unified management console that also supports native encryption technology, with the ability to “lock-out” a Windows device running BitLocker that has failed to connect to the network after a specified period of time. This new functionality surpasses that provided by Microsoft and allows administrators to proactively protect against potential data loss should a device go missing.
The release provides benefits for administrators, extended support for Microsoft BitLocker, users of Windows tablets and extends platform support. Further details are below:
Administrator Benefits:
Key Recovery Enhancements:
Web console: Help Desk administrators now can retrieve recovery keys for users who have forgotten their login credentials.
Simplified authentication: Additionally Help Desk administrator can use their domain credentials to authenticate to the web console for key recovery. This eliminates the need for each Help Desk administrator to install the management console on their machines, simplifying key recovery and enhancing the overall product experience.
Bolstered Native Encryption Capabilities (SEE-Bitlocker):
Policy-driven client lockout: To reduce the risk of data leakage for SEE-BitLocker encrypted machines, administrators can enforce a policy to lock out machines that fail to communicate with the server beyond a certain period of time, thereby enhancing overall security.
Hardware encryption support: Customers can take advantage of BitLocker hardware encryption via Microsoft eDrive for supported models, ensuring little to minimal impact on overall the performance of the machine.
User Benefits:
Virtual Keypad Support for Windows Tablets: End users can log in to a SEE encrypted Windows tablet via a virtual keypad. This eliminates the need to rely on a physical keyboard for authenticating to the Windows environment, enhancing the overall experience for Windows tablet users.
Platform Support:
Smart card support for Surface Pro 4 tablets
Smart card (PIV CACv2) support for legacy BIOS mode
BitLocker XTS-AES cipher mode
MacOS 10.12.1 (Sierra)
Windows 10 Anniversary Update
Windows Server 2016
Documentation:
Refer to this KB article for the release notes, system requirements and other documentation for this release.
For more information:
Visit the Symantec Endpoint Encryption website