This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos SafeGuard - & Sophos Central Device Encryption

good morning

Hi guys, I need your help now I'm scheduling the sophos enripcion tool and there are two in which I can manage the enripcion theme:

1. Sophos SafeGuard
2. Sophos Central Device Encryption

I am using the second one (Sophos Central Device Encryption), since it is oriented for administration in the cloud, but I see that bitlocker uses a solution that incorporates windows to be able to encrypt and uses AES 256 algorithm.

I also want to encrypt folders and when I share them by network or when I share them by mail they can be encrypted, I was reading and the option that I think allows this is called "file share" but this option is not found in (Sophos Central Device Encryption ).

with respect to this I have these questions:


1. How safe is bitlocker since it is a windows tool to encrypt ?.
2. Does Sophos not use its own tool to encrypt?
3. Does the file share option if it is used to encrypt folders, if it will be supported for (Sophos Central Device Encryption) that is oriented for administration in the cloud?

regards

Edwin velasco



This thread was automatically locked due to age.
Parents
  • Hi Edwin - Good questions.

     

    1 - I've attempted to answer this on your other post, but in essence nothing is 100% secure. BitLocker though is a good standard (and FileVault2 if you use Macs). Sticking with a product that's baked into the OS too means you should hopefully suffer fewer compatibility issues, and being such a common product it has better support/interaction if there's issues.

     

    2 - This is dependant on OS and FDE (Full Disk Encryption) or FE (File Encryption).

    FDE - For OS that supports BitLocker (Win7 Ultimate/Enterprise and Win10 Professional, Enterprise, and Education) Sophos will "manage" BitLocker for you. Not entirely, some of this is still dependant on GPO but for the large - Sophos will manage it in the one interface.

    FE - Sophos uses it's own method for this to encrypt files and manage that. It can work on Windows and Mac, 

    3 - I may be wrong but I don't think File Encryption is offered in Central yet - I think it's just FDE. Personally I can see this being a challenge to accomplish too - It would be a great deal of traffic from the console to the client and if you lost Internet connectivity while working on an encrypted file....I just don't see that ending well!

    I think that if you want to use File Encryption you'll need to use the on-prem SafeGuard Enterprise but someone at Sophos can confirm this?

     

    Hope this helps?

Reply
  • Hi Edwin - Good questions.

     

    1 - I've attempted to answer this on your other post, but in essence nothing is 100% secure. BitLocker though is a good standard (and FileVault2 if you use Macs). Sticking with a product that's baked into the OS too means you should hopefully suffer fewer compatibility issues, and being such a common product it has better support/interaction if there's issues.

     

    2 - This is dependant on OS and FDE (Full Disk Encryption) or FE (File Encryption).

    FDE - For OS that supports BitLocker (Win7 Ultimate/Enterprise and Win10 Professional, Enterprise, and Education) Sophos will "manage" BitLocker for you. Not entirely, some of this is still dependant on GPO but for the large - Sophos will manage it in the one interface.

    FE - Sophos uses it's own method for this to encrypt files and manage that. It can work on Windows and Mac, 

    3 - I may be wrong but I don't think File Encryption is offered in Central yet - I think it's just FDE. Personally I can see this being a challenge to accomplish too - It would be a great deal of traffic from the console to the client and if you lost Internet connectivity while working on an encrypted file....I just don't see that ending well!

    I think that if you want to use File Encryption you'll need to use the on-prem SafeGuard Enterprise but someone at Sophos can confirm this?

     

    Hope this helps?

Children
No Data