Skip to main content

CLOUD SOLUTIONS

Overview

Note

This module is available for:

  • Windows for workstations

  • Windows for servers

  • macOS

The Encryption module manages full disk encryption on endpoints by leveraging BitLocker on Windows, and FileVault and the diskutil command-line utility on macOS, respectively.

With this approach, GravityZone is able to provide some consistent benefits:

  • Data secured in case of lost or stolen devices.

  • Extensive protection for the most popular computer platforms in the world, by using recommended encryption standards with full support from Microsoft and Apple.

  • Minimal impact on the endpoints’ performance due to the native encryption tools.

The Encryption module operates the following solutions:

  • BitLocker version 1.2 and later, on Windows endpoints with a Trusted Platform Module (TPM), for boot and non-boot volumes.

  • BitLocker version 1.2 and later, on Windows endpoints without a TPM, for boot and non-boot volumes.

  • FileVault on macOS endpoints, for boot volumes.

  • diskutil on macOS endpoints, for non-boot volumes.

For the list of operating systems supported by the Encryption module, refer to GravityZone requirements.

Note

Availability and functioning of this feature may differ depending on the license included in your current plan.

Activation

To use Full Disk Encryption, you first must make sure that this feature is activated with your GravityZone product and then you must configure it in the policy settings.

Full Disk Encryption is a feature that requires activation based on license key. To do this, go to Configuration > License and enter the license key. To check the availability of Full Disk Encryption, open the policy settings or create a new installation package and see if Encryption appears among the listed modules.

Full Disk Encryption is activated differently for customer companies with yearly and monthly licenses.

  • For customer companies with yearly license, Full Disk Encryption comes as an add-on that requires activation based on license key.

  • For customer companies with monthly license, you can allow Full Disk Encryption management for each company, without providing a license key.

Customer companies with yearly license

To activate Full Disk Encryption for customer companies with yearly license:

  1. Log in to Control Center.

  2. Go to Companies.

  3. Click the name of the company you want to enable Full Disk Encryption for.

  4. Under the License section, enter the license key for Full Disk Encryption in the Add-on key field.

  5. Click Add. The add-on details appear in a table: type, license key and the option to remove the key.

  6. Click Save to apply the changes.

Customer companies with monthly license

To allow Full Disk Encryption management for customer companies with monthly license:

  1. Log in to Control Center.

  2. Go to Companies.

  3. Click the add.png Add button in the action toolbar.

  4. Fill in the required details, select Customer for company type and Monthly Subscription for license type.

  5. Select the Allow company to manage Encryption check box.

  6. Click Save to apply the changes.

The partner companies have by default the Full Disk Encryption settings and they cannot enable or disable this feature.