File & Removable Media Protection (FRP) provides the capability to encrypt sensitive content on local drives and network shares based on either application (File encryption policy) and/or location (Folder encryption policy). This blog post focuses on the use case where you have sensitive content on network file shares that you want to protect and provide access to only a restricted set of users.
Some of the benefits/advantages that this solution offers are:
Centralized Management (ePO)
Best of breed management console that can manage all Endpoint Security products; if you have already have this set up, there is absolutely no additional overhead. Installation of FRP extension and installation to clients will take a just few minutes
No need for a separate Key Server/Manager
ePO also functions as a Key Server/Manager; encryption keys are generated and managed centrally on ePO
Use of Symmetric Keys
This results in primarily two benefits: minimal effort in handling key management & assignments and more importantly enables a transparent user experience with very minimal user intervention
No need to install any component on file shares
FRP clients (endpoint nodes) do the work of encryption/decryption etc.
The process of protecting sensitive content on file shares is relatively straightforward and consists of 3 steps:
Creation of FRP Encryption Key(s): To be used for protecting sensitive data
Creation of Policies: Grant Key Policy, Folder encryption Policy, Network Policy
Policy Assignment: of the above policies to system(s)/user(s)