A Proven Solution

By Marcus Prendergast Print this article Print

Encrypting laptops helps Educational Testing Service prevent data breaches and encourage its employees to embrace security.

A Proven Solution

We believe that one of the best ways to protect data against unauthorized access or use is to encrypt it, making the data unreadable to thieves, hackers and other unauthorized users. But we required a proven, standards-based encryption solution that was built to last, and we didn’t want to worry about different products working together.

The product had to be easy to use, or else our employees and partners might circumvent it. Also, we wanted to manage enterprisewide deployment centrally, with the ability to meet current and future data protection needs.

At the time, the provider that hosted our IT security solutions secured only part of the hard drive and operating system with its hard-disk encryption solution. This required our users to save data to certain areas on their computers. We wanted

to encrypt the entire hard drive to free employees and partners to concentrate on their jobs.

We reviewed solutions from four vendors and decided that PGP’s outpaced the others in terms of product quality, market longevity and meeting our specific needs. So we chose PGP Whole Disk Encryption to protect mobile data on our laptops and PGP Universal Server to centrally manage our enterprisewide encryption deployment.

When we deployed the new technology, we had to explain why encryption was necessary. Many of our employees and partners were unaware of the numerous IT security threats they might have to face and didn’t realize that so many data breaches were occurring in all industries, especially in higher education.

To deal with this situation, we created a mandatory training program for laptop users that would familiarize them with rules for using and traveling with encrypted devices. In addition, we require our outside legal counsel to use PGP encryption keys and our partners to obtain at least one copy of PGP Desktop Email encryption software if they want to share any sensitive information with us electronically.

Deployment Results

Our IT engineers, with PGP’s help, designed and tested the new solution in-house, on time and on budget. We have achieved a significant ROI. For less than $250,000, we have improved security, compliance, usability and employee engagement.

Our new centralized management, policy, log and key management capabilities provide unprecedented visibility and real-time control over our laptops. Our IT staff knows which laptops are encrypted and which ones are online. Should a device go missing through theft or loss, we can determine whether the data on it was encrypted.

In addition to having better tools, training employees on security best practices—including the monetary value of data and the cost of losing it—has directly caused organizationwide behavioral changes that reduce the risk of data breaches.

If someone loses a laptop, encryption prevents unauthorized users from accessing the data, cutting the risk of a breach to zero. We trust this solution so completely that we are putting our own name on our laptops’ startup screens, replacing the anonymous tags we previously required for security purposes.

ETS must comply with federal IT security mandates and with the Payment Card Industry Data Security Standard (PCI DSS) to protect credit card transactions. Our employees must comply with different laws about transporting encryption technology to various countries, particularly politically sensitive countries. We can now automatically enforce federal standards and international export rules on a country-by-country basis, ensuring that we don’t violate any international statutes, while still providing appropriate protection.

This article was originally published on 2010-02-04
Marcus Prendergast is a senior security engineer at Educational Testing Service (ETS), a nonprofit educational organization based in Princeton, N.J.
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.