Smart card vendor Gemalto has teamed up with McAfee to offer an authentication and encryption package designed to secure sensitive data, whether in transition or within the company.
With the increasing number of laptop thefts, some companies are turning towards fully encrypted hard disks in order to protect sensitive data. Gemalto and McAfee on Monday announced that they are now offering a package that uses a hardware-based two factor authentication system for full disk encryption of PCs and laptops.
Two-factor authentication is essentially a system whereby two different methods are used to authenticate a particular user. Using two factors as opposed to one delivers a higher level of authentication assurance.
The combined offering makes use of Gemalto's .NET smart card. Its Smart Enterprise Guardian (SEG) digital security device has been tested and validated for compatibility with the McAfee Endpoint Encryption system (formerly SafeBoot Device Encryption) and McAfee Total Protection for Data.
This partnership now allows McAfee users to use Gemalto smart cards and security tokens to authenticate themselves to their encrypted devices. This two pronged approach is especially important after researchers at Princeton University found back in February that encrypting a laptop's hard drive does not guarantee to keep data safe.
McAfee Endpoint Encryption offers full disk encryption, which according to the companies is transparent to the user and performed "on the fly", so there is no impact on user productivity.
Security administrators can specify whether the system prompts for authentication before it even begins booting in order to protect against possible attacks on the operating system, or just before it is finished booting. Users must insert their Gemalto digital security device and enter a passphrase or PIN before being authorised to access the system data.
In addition, the management of McAfee Endpoint Encryption can be centralised, which allows enterprises to demonstrate data privacy compliance obligations, as well as internal and external security procedures.
McAfee's data protection enterprise software is common criteria EAL4 and FIPS 140-1 and 140-2 certified.
"By working with Gemalto, we are able to offer an interoperable security solution that provides peace of mind to organisations," said Frank Jorissen, vice president international business development with McAfee's Data Protection Business Unit.
"Full disk encryption that requires authentication with an external intelligent device before even loading the operating system is an extremely secure solution," said Jerome Denis, Identity and Access Management director at Gemalto.
There is no word on pricing, and Gemalto were unable to field a spokesman at the time of writing due to a public holiday in France.
Gemalto is the resulting company after the world’s two largest smart vendors (Axalto and Gemplus) merged back in 2006. Last November Gemalto and Lexar Media introduced a Vista compatible smart card device designed to secure network access and store confidential data.