Full Disk Encryption – Bitdefender TechZone
Protect sensitive data with full disk encryption. GravityZone ensures optimal compatibility and performance on Windows and MacOS, offering centralized management and recovery key storage.
Data is simultaneously the world's most valuable and vulnerable resource. Encryption helps maintain the confidentiality of sensitive information by converting it into an unreadable format that can only be deciphered with the appropriate decryption key. This ensures that even if unauthorized individuals gain access to the encrypted data, they cannot understand or misuse it.
Full disk encryption may seem like a limited tool that works only when the data is at rest, but it plays a crucial role in a business environment. Without encryption, sensitive data is vulnerable to theft. For instance, if users store confidential information on a computer, anyone with physical access to this computer in the event of theft or loss could potentially gain access to this data.
Full disk encryption of hard drives, external drives, and other storage systems provides a baseline defense against risks and can be easily implemented as a first step towards better security.
For home offices and users with straightforward needs, manual encryption based on built-in solutions in the operating system is easy to manage. However, even small, and certainly medium and enterprise organizations require centralized controls to centrally manage encryption keys and password recovery. This is also the easiest way to demonstrate compliance with regulations.
GravityZone Full Disk Encryption is a native encryption module which keeps data secure and minimizes the risk of data loss or theft. It offers centralized management of the native device encryption mechanisms provided by Windows and MacOS, ensuring optimal compatibility and performance. Furthermore, GravityZone stores the necessary recovery keys required to unlock volumes in the event that users forget their passwords.
Windows disk encryption
The Volume Encryption module provides full disk encryption by managing BitLocker on Windows machines. By utilizing the AES-256 encryption key, BitLocker encryption helps safeguard disks from unauthorized access to information. Administrators can easily encrypt and decrypt both boot and non-boot volumes inside the organization. Automatic encryption is applied to all fixed drives. The encryption process takes place in the background, requiring minimal engagement from users that they can continue to use their computers.
Detailed information about Disk Encryption requirements can be found at our Bitdefender Support Center here.
Detailed information about Disk Encryption configuration can be found at our Bitdefender Support Center here.
MacOS disk encryption
The Encryption module provides full disk encryption on Mac. The security agent operates FileVault to encrypt Mac’s boot drive and the diskutil command-line utility to encrypt any non-boot drive. FileVault full-disk encryption (FileVault 2) uses XTS-AES-128 encryption with a 256-bit key to help prevent unauthorized access to the information. The encryption process takes place in the background, requiring minimal engagement from users so that they can continue to use their computers. Encryption occurs only while Mac is awake and plugged into AC power. Removable drives are not encrypted.
Detailed information about Disk Encryption requirements can be found at our Bitdefender Support Center here.
Detailed information about Disk Encryption configuration can be found at our Bitdefender Support Center here.
Recommended Content
To learn more about the technologies included in the Prevention layer we recommend reading the next article Device Control
More Resources
Bitdefender Full Disk Encryption official website: GravityZone Full Disk Encryption
Bitdefender Full Disk Encryption Guided Tour: Full Disk Encryption Guided Tour