Sophos SafeGuard Disk Encryption for Mac and Sophos SafeGuard Enterprise Encryption can be centrally managed. This is highly preferable in all but the smallest organizations.
Sophos has launched new security software,. The program provides sector-based protection of disk volumes, utilizing 256-bit AES encryption. Some features include the ability to encrypt an entire disk including the operating system and page files, and integrated power-on authentication for multiple users. Local and remote administrative functions are included as well, with detailed logs that show encryption status and user interactions during the POA process. Records indicate any failed login attempts. The software is compatible with third-party system administration tools, such as Apple's Remote Desktop. SafeGuard Disk Encryption requires Mac OS X 10.5 or higher, and can be tested in a free trial; pricing options are available via request from Sophos.
SafeGuard Encryption? Have used it, never had any issues with it. Well that's simple, you secure company data, against anyone who might try to extract data from the hard disk itself, a very useful feature for employee's who are on the road with Laptops, but equally as important for PC's in the office (in case you suffer a break in). Can't think of any bad points. I personally prefer McAfee Endpoint Encryption, but that's because I'm an ePO fan. Good luck with the deployment. Oh, and SafeGuard Encryption uses the AES algorithm to encrypt drives, consequently, it supports AES New Instruction Technology (AES-NI), which accelerates the speed at which drives can be encrypted if they have one of the newer Intel processors.
Edit - Deployment scenario was 26 Laptops, and 3 PC's. Webby926 I think I must have been one of the lucky one's then! I've got a client who has rolled it out to every laptop around the world via their in house IT department. We provide in-house support for their UK operation. Problem is that the setup means only the person the laptop was encrypted for can log in (so no borrowing machines and they have to be wiped in order to hand them over to someone else). We have had a lot of slow performance issues (10 minutes for an i-7 laptop with 12GB RAM to login). 8 machines rebuild due to loss of boot sectors and another 3 machines that will fail very soon (they are really easy to predict the failure too) Download a copy of Windows PE as you can repair them in about 25 minutes, but this will be one of your favourite documents in future.
I am currently in the process of rolling this exact solution out. So far no trouble or performance issues. I do recommend that you run a disk block checker before you start the encryption process. If you start encrypting and hit bad block it can become a problem and the encryption will come to a stop and leave you in an odd state.
As you are fully encrypting the disks and recovery sometimes can be an issue I recommend have a strong backup solution for the workstations, so the users documents are backed up somewhere other than the workstation on a normal basis. In regards to the above quote 'Problem is that the setup means only the person the laptop was encrypted for can log in (so no borrowing machines and they have to be wiped in order to hand them over to someone else).' I don't believe this is correct. Multiple people can enroll on to a machine from my experience. That being said I normally image workstations anyways before they go to a new user. Hi, So when you power on a workstation you are present with a 'POA' screen requiring a login.
Sophos Safeguard Download
Only enrolled members of that workstation will be able to login and allow the computer to boot. A user only needs to login into the machine once and sync which will enroll them into the workstation. Next time the system reboots then that user will also be able to user their credentials at the POA screen. So yes there may sometimes be annoyances with encryption but if these workstations are mostly turned on then I don't see to much trouble. I am only using the version that comes built into the data protection suite. There is a full enterprise edition that allows more features and functionality that may make life a bit easier from what I can see.
The exact difference is something you need to discuss with Sophos, but it seems they themselves have trouble distinguishing the difference between the Full enterprise edition and the version that comes rolled in with a protection suite. The one part I find annoying is that only one user can be logged in.
What Is Sophos Safeguard
Beach head 2000 for mac. So for me as an admin I can no longer use 'switch user' to perform some admin tasks. That user will need to save their work and log off before I can log in.