The Active Directory Integration and Centralized Management capabilities of GuardianEdge are especially useful in enabling us to implement an advanced security solution that demonstrates our commitment to client privacy and confidentiality -- and, as such, plays an important role in differentiating us from our competitors.
Joe Rumpler, IT shareholder, Clark Schaefer, Hackett & Co.
Comprehensive Mobile Data Loss Protection
As a key component of the GuardianEdge Data Protection Platform, the GuardianEdge Data Protection Framework gives IT administrators an integrated set of security and management services for deploying, managing, and monitoring multiple endpoint data protection solutions within a single unified administrative environment.
The result is a comprehensive approach to data protection that provides tight coupling and common administration of a broad set of data protection controls and ensures that at-rest or mobile data on endpoints is always secured. It also provides the common infrastructure to minimize the costs of administration and support, and reduces the potential for data security gaps through the alignment and integration of data protection policies.
Application Module Provisioning
Integrates the creation and deployment of installation packages for endpoint applications with standard IT administrative tools and practices. Through simple, wizard-based user interfaces, endpoint application administrators create application deployment packages and default policies for full-disk encryption, port and device access control, and removable storage file encryption.
Authentication
Enables organizations to use their existing directory services infrastructure to manage user-profiles, encrypted computers, encryption keys and other application-specific data, without the need to make changes to the directory schema. Delivers the industry's strongest integration with Microsoft Active Directory for end-user authentication.
Key Management
Supports strong two-factor end-user authentication using either user name and password, or public/private key pairs secured on protected portable tokens. The user credentials are leveraged across multiple GuardianEdge applications to minimize the number of keys users must possess.
Policy Management
Enables administrators to easily express and implement information security policies for endpoint data access control and data encryption throughout the enterprise. Through tight integration with Active Directory, administrators can easily leverage the familiarity, convenience, and scalability of GPOs to deploy and update their policies. A single central point of administration for data protection policies also gives administrators a comprehensive view of the protections in place.
Monitoring and Auditing
Robust monitoring and auditing capabilities enable administrators to verify enforcement of existing security policies, document policy changes and demonstrate compliance with a variety of consumer privacy initiatives.
End User Support
Provides the industry's most comprehensive and scalable administrative support services for end-user assistance. Includes:
- Authenti-Check®, which allows administrators to deploy a self-service password recovery capability to users as a part of a full-disk encryption application policy
- One Time Password (OTP) service, which provides remote recovery support through the help desk and simplifies interaction between the helpdesk and end user
- Local administrative access to protected machines
Role-based Administration
Supports coordination between several individuals, with a clear chain of command across multiple departmental units and geographic locations through a multi-tiered administration system that enables effective, efficient delegation of access rights and responsibilities.
