Secure Disk for BitLocker

Microsoft BitLocker nicht nur als Fassade mit Pre-Boot Authentication ohne zusätzliche PIN.
NIS2 ready durch Next-Level Festplattenverschlüsselung mit Multi-Faktor-Pre-Boot Authentisierung.

CryptoPro Secure Disk Administrationsoberfläche mit PBA-Einstellungen, einschließlich Sprache, Tastaturbelegung, Bildschirmauslösung und Authentifizierungsmethoden für Benutzername/Passwort und Smartcard-Anmeldung
Warum brauchen wir Secure Disk for Bitlocker?

BitLocker ohne Secure Disk wird in 43 Sekunden gehackt

Mit der Einführung von Microsoft BitLocker und der Vollverschlüsselung der Festplatte inklusive Betriebssystem, ist die Pre-Boot Authentication die für die Sicherheit und Intigrität des Endpoints die wichtigste Technologie und nicht der Windows Log-on Screen.

Jedoch ist Microsoft BitLocker mit TPM und ohne PIN - wie es von vielen Unternehmen gemacht wird - in kürzester Zeit zu knacken und entspricht nicht den Vorgaben von Regulatorik und Cyberversicherungen. Die offizielle Microsoft Dokumentation rät deshalb von TPM-only ab (hier nachlesen). Entgegen der Microsoft Einschätzung, dass das Hacken von TPM-only nur einem erfahrenen Hacker mit viel Zeit gelingt, liegt die uns bekannte Rekordzeit bei 43 Sekunden.

Der Einsatz mit PIN ist ein Admin- und Nutzerfreundlichkeits-Alptraum, dessen Konsequenz neue Sicherheitslücken sind. Außerdem ist Microsoft BitLocker nativ nicht Multi-Faktor fähig.

Diese Lücken adressiert Secure Disk mit Multi-Faktor fähiger Single-Sign-On Pre-Boot Authentication.

Die Highlights sind:

  • Hohe Userakzeptanz durch Single-Sign-On an AD & Entra ID
  • Multi-Faktor Authentisierung mit Integration von Microsoft Authenticator
  • Einfache Erfüllung rechtlicher Vorgaben ohne operative Einschränkungen
  • Software Deployment trotz aktiver Bitlocker Verschlüsselung und Pre-Boot-Authentication

Für wen eignet sich Secure Disk

Secure Disk ist unverzichtbar für jedes Unternehmen, dass Microsoft BitLocker nicht nur als Fassade einsetzen möchte und insbesondere für Unternehmen, die unter NIS2 fallen und Multi-Faktor für ihre Pre-Boot Authentication umsetzen müssen.

See how TPM-Only gets hacked in 43 seconds:

That's why you need SecureDisk to securely encrypt your hard drives. The video clearly explains how BitLocker and TPM work and how the hack works.

Before we can show you videos, we need to let you know that when you watch the videos, data may be sent to the provider.

Benefits

The pre-boot authentication, that enables multi-factor

Security without operational restrictions

Single sign-on, uncomplicated MFA, simple help desk procedure in case of password loss and software distribution despite pre-boot authentication guarantee a high level of acceptance by users and administrators.

Easy compliance with legal requirements

Secure hard disk and operating system encryption with MFA is required by various regulations (GDPR, Bafin, KRITIS, etc.)

User-friendly MFA

MFA without Secure Disk: BitLocker PIN + Entra ID password

MFA with Secure Disk: Entra ID password + MFA e.g. with Microsoft Authenticator

Disk encryption even without Bitlocker

The Secure Disk Enterprise version has its own 256-bit AES crypto engine and can therefore be used under Windows operating systems that do not have a BitLocker.

Get non-binding advice now

You can certainly wait a bit with really secure disk encryption, but threats won't wait.

That's why: Let's talk Secure Disk. With clear recommendations, implementation strength and tried and tested procedures.

Services

Your trusted partner for multi-factor pre-boot authentication

As a partner, we implement the benefits of Secure Disk for you so that you can use its full potential and enjoy rapid implementation.

Secure Disk Trial, Setup, and Licensing
Design & implementation of system hardening
Managed system hardening
In action

This is what secure disk encryption looks like – without an extra PIN

Features
  • Centralized management of all settings

  • Offline Challenge/Response HelpDesk

  • Software deployment despite Bitlocker

  • Separation of roles: IT admin and security admin

  • InPlace upgrade compatibility

  • Benefits
  • Hardened BitLocker without effort

  • Significant reduction in effort compared to lost PIN

  • More worry-free protection with InPlace upgrades

  • comparison

    Secure Disk keeps your data simply secure

    Without Secure Disk

    Bitlocker only as a façade

    Unsafe or cumbersome

    Extra PIN for users including written PINs on Post-its

    No MFA during pre-boot authentication

    If applicable Hard disk encryption from dubious providers

    With Secure Disk

  • Real BitLocker protection without admin and user nightmares

  • Single sign-on (SSO) for users

  • NIS2 through MFA during pre-boot authentication

  • High user acceptance for secure hard disk encryption

  • Hard disk encryption made in Germany

  • Free endpoint security check

    Companies with best-practice endpoint management are demonstrably better protected. With the free Endpoint Security Check, you can find out how well your devices are protected.

    90%

    All successful ransomware attacks originate from poorly and unmanaged devices

    11x

    Higher probability of cyber attacks on > 20% unmanaged or poorly managed devices

    Learn details
    Case Studies

    How companies benefit from our partnership

    01
    MECM+system hardening @ textile manuf.

    Managed MECM and system hardening for manufacturers of innovative textiles

    Manufacturing industry
    |
    >2,500
    staffs

    Challenge:

    • Small IT team needs specialized support to operate MECM
    • The team had recognized the importance of standard system hardening, but could not guarantee it themselves

    The solution:

    • Managed service for MECM with managed UEM and trouble shooting for international locations
    • Adapting the CIS standard to an individual environment
    • Regular system hardening as a service in accordance with CIS standards
    01
    Intune+system hardening @ game developer

    Intune Deployment and Managed Service Plus System Hardening for Game Developers

    Game development
    |
    >100
    staffs

    Challenge:

    • Customer was dissatisfied with the speed and expertise of the old service provider
    • Intune should be introduced and cyber security significantly improved

    The solution:

    • From the 1st Intune workshop to implementation and long-term support
    • Establishment and regular updates of security baselines,
    • Microsoft Defender for Endpoint Implementation and Managed Service
    • SOFTTAILOR as a new go-to partner
    01
    Patch Management @ Law Firm

    Patch Management as a Service for law firm

    Professional Services
    |
    >500
    staffs

    Challenge:

    • Customer wants to migrate to Intune
    • High importance of cybersecurity in a very sensitive environment
    • More than 200 applications must always be patched

    The solution:

    • Managed service for partially automated continuous updating of applications
    • Close integration into the vulnerability management process
    • Migrate software packages to Microsoft Intune
    01
    Software packaging @ Energy provider

    Application packaging aaS for energy suppliers

    energy supply
    |
    >1,500
    staffs

    Challenge:

    • Restructuring should separate the IT department and infrastructure from the existing
    • New IT department is being streamlined
    • The company is therefore unable to manage 350 applications itself

    The solution:

    • Application packaging aaSin close coordination with the internal IT department
    • Provision of a customer portal to view status
    • Considering high safety requirements
    Let's talk Endpoint

    The fastest path to effective BitLocker protection

    Secure and productive endpoints in three steps.
    Learn what you need to do and how to get to more structure and secure and productive endpoints in the shortest possible way.
    1
    Get in touch

    Get in touch with us below for a short-term and non-binding initial consultation.

    2
    Initial consultation

    During the initial consultation, we will discuss your requirements and see whether Secure Disk is the solution for you.

    3
    Free trial


    We're launching the free trial period together, during which you'll experience that Secure Disk for BitLocker is likely to be an investment that pays off for your organization as well.

    Blog

    Expert Insights To Go: Our Newest Blog Posts

    Always a step ahead!

    We send IT decision makers and endpoint administrators hand-curated news, technical insights and practical tips about endpoint management & security that are not available anywhere else.