WinMagic SecureDoc Full Disc Encryption v5.2SR2
Strengths: Easy to use and simple to deploy with a kill drive feature; FIPS compliant.
Weaknesses: Support for sharing encrypted files and media; data accessible while authenticated.
Verdict: As far as we could test, this was a nice standalone solution. That being said, we did not have the central management console for our examination, so we cannot say how well or not this solution would work in an enterprise environment.
SummaryWinMagic SecureDoc is a full-disk encryption (FDE) management solution that includes client agents for Windows, Mac and Linux operating systems and server software (SecureDoc Enterprise Server). We were provided the SecureDoc-v52SR2_Goldapplication to evaluate. The documentation does state that there is a management component to the application, but we were only provided the standalone app to evaluate.
WinMagic Secure Doc is a full-drive application with some file and folder encryption features. Installation is easy and straightforward. After this, one is put through a wizard, which creates recovery media and installs the pre-boot environment. There is a feature called PBConnex, which uses network-connected resources to authenticate users, enforce access controls and manage endpoint devices before the operating system loads.
The encryption username and password are separate from a Windows login, and once the admin logs in and unencrypts the drive, it appears as though any remote exploit would grant access to the data. One can encrypt removable media, and it can be set to be accessible with a password, or only by a user with access to the key file. However, in our testing, media was only readable with the Secure Doc Media Reader installed.
Encrypting files and folders is not integrated with Windows browsing, i.e., right click and encrypt. One must instead use the icon in the system tray, choose the folder "encryption," and then browse to the file or folder from there. The Crypto-erase feature is efficient, allowing users to configure a "kill combo" of keystrokes so that when pressed deletes the encryption keys from the workstation, immediately crashing Windows and rendering the disk inaccessible.
As a standalone solution, there was no reporting or logging elements available to test. At $99 per user, it's one of the more expensive products we reviewed, probably a bit pricey considering it lacks management features.
*Representatives for Winmagic note that the solution is enterprise-class and therefore does include a central management console. However, as noted at the start of our review, we did not receive this component and so did not test it in our lab.