Microsoft's BitLocker is an endpoint encryption option.
$100
One Time Fee
Sophos Central Device Encryption
Score 8.4 out of 10
N/A
Sophos Central Device Encryption (formerly SafeGuard) is a full disk encryption solution, based on the technology acquired with Utimaco by Sophos in 2008. It provides full disk encryption for Windows and macOS, and enables users to confidentially share sensitive files. A password protected HTML wrapper ensures only recipients with the correct password can access a document.
It can be used if you are already familiar with other Microsoft System Center tools, it will provide integration and it will be easy to use from an Administrator's perspective. However, if you want more detailed information related to the troubleshooting, specific fields, or data, it will not be that granular.
It is mid-level when it comes to running it by a non-IT person. I have no technical/IT training and can figure out on my own (or with a little web search) how to do most tasks. It may not be best for the very tech-challenged operator.
It is fairly easy to use, from both a technician and users point of view. The install itself is pretty simple, and setup of the software is also fairly simple. For users, it is easy to use the software to encrypt the computer.
It doesn't seem to use a whole lot of system resources when the encryption is enabled on the computer. You shouldn't experience any slowness of the computer, other than the time it takes to first encrypt the computer.
It serves its main purpose very well, and that is to protect computers from intrusions/data breaches. It is particularly good for protecting computers that are accessing/storing sensitive/confidential data.
Even if it's the best we tested, I think write performance could be improved. Maybe with dedicated hardware inside the TPM?
No integration with OS password is a shame as most others have it and it is Microsoft on Microsoft so they can probably do it better then anyone else and safer.
I wish they would support multiple passwords like FileVault on macOS. If it's a shared computer, you have to give the only password to Bitlocker to both users.
Sophos Central Device Encryption offers straightforward usability with centralized management through a web-based console. 1 Its intuitive policy creation, often just a few clicks, simplifies deployment for Windows BitLocker and macOS FileVault. 2 Existing Sophos Central users benefit from agent integration, and self-service key recovery minimizes IT overhead, enhancing overall ease of use.
Not good nor bad, BitLocker encryption is a symptom of our era, we need to protect ourselves and our data, BitLocker is a tool, as an IT we have to deal with it but it doesn't bring any benefit to my daily operations.
This was formerly called Symantec PGP encryption. We selected BitLocker since this is what the University has deployed and is currently supporting. BitLocker has many advantages over Symantec PGP, as BitLocker is built-into all Windows computers. With PGP, this was a commercial product that had to be installed on each machine. That product also was not as easy or intuitive to use as BitLocker, and there were also more issues/problems that occasionally occurred with PGP.
It is a proven manufacturer with reliable functionalities. It releases fast and accurate updates when needed. It is still developing many new features and has a good knowledge base and support when needed. Furthermore, we are already familiar with other Sophos products, which means it fits well with company policy.
Protects against data loss and theft, which can be very expensive if PII, SPI, PHI is involved. Fines for this type of loss can be very high, along with the costs of notification, and discovery.
Cost is included in Windows O/S, without needing additional licensing costs.
It's had a positive impact as it's allowed us to effectively secure hard drives with bitlocker encryption
A larger part of our work force works from home, and Sophos can be deployed remotely and will start encryption almost straight away on any computer that isn't already encrypted.