RealTime IT News

PGP Locks Up the Mac

Security

Enterprises seeking a way to encrypt their growing number of Macintosh devices now have a new option from PGP. The company has unveiled a Mac OS X version of its Whole Disk Encryption 9.9 security software.

As with its Windows counterpart, the Macintosh version has been validated for use by the U.S. government to protect data on laptops, desktops and portable media devices.

Unlike other encryption solutions, both versions come with a preboot authentication check.

"This lets IT manage those Macs that are now side by side with PCs," John Dasher, PGP's director of product management, told InternetNews.com.

Macintosh platform security is a growing concern as the Mac OS X gains traction in enterprise infrastructure. Dasher said Macintosh products are often overlooked when it comes to security, as Windows has been dominant in most businesses.

He recounted an incident this past February at the National Institute of Health (NIH) in which a laptop theft exposed confidential clinical information on 2,500 patients.

The data was housed on both Windows and Mac devices, but the Macintosh computers were not encrypted, he explained. In response the NIH now prohibits Mac laptops for use when dealing with sensitive data, Dasher said.

Enterprise adoption of Macintosh products tripled last year to 4.2 percent, according to a Forrester Research (NASDAQ: FORR) report this past March.

The Yankee Group reported that 87 percent of companies now have some Macintosh computers plugged in -- a spike of 48 percent over two years.

Those numbers will continue to rise given the popularity of new laptops such as the MacBook Air. IDC (NYSE: IDC) reported that laptops will constitute 68 percent of all computers by 2011 as they increasingly replace desktops.

Security risks will increase in tandem given research indicates many data breaches involve portable devices and malware writers are now aiming for the platform as well. According to Ponemon Institute, 56 percent of mobile data breaches are due to lost devices including laptops and removable media.

In February security vendor Sophos reported that financially motivated hackers had targeted Apple Mac computers with malware for the first time.

The average cost of a breach is $197, an increase of 43 percent since 2005, according to Ponemon.

"Macs are slowly gaining ground, but since management vendors have focused on Windows, there is a security and an operations gap," Jon Oltsik, senior analyst for information security at Enterprise Strategy Group, told InternetNews.com. "PGP recognizes this and is responding with product support. I expect lots of others [security vendors] to follow," Oltsik said.

Whole Disk Encryption secures all the contents of a laptop, desktop, external drive and flash drive, from boot sectors to system files. When tech teams use the software with the PGP Universal Server, they can manage policies, users, keys and configurations from a single console.

"This is a very transparent full-disk encryption approach that goes from the hard drive to the thumb device for complete protection," said Dasher, adding that it's "defense in depth as the best security is achieved with layers."

The product will be available in July. Pricing is $119 per user for the stand-alone version, and when the software is used with the PGP Universal Management Server, the annual subscription for 1,000 seats is $42,000. A perpetual license is $104,000.