Bitdefender GravityZone full disk encryption is a solution provided by Bitdefender that gives the safety things to the company and complies with stolen or lost devices. This full-disk encryption provides you with easy remote management of the encryption keys. It is a type of solution that gives FileVault and the diskutil command-line utility (both on macOS), centralized handling of BitLocker (on windows), the advantage of ensuring optimal comparability and performance, and native device encryption.
GravityZone Full Disk Encryption Supports
Bitdefender GravityZone full disk encryption is accessible for most Windows and Macs devices that can drive FileVault, BitLocker, and diskutil. If you are using the Windows space, this feature is not available for operators with “Home” editions of the OS. Below are some examples of operating systems that support Bitdefender GravityZone full disk encryption.
➔ Windows 7 Ultimate (with TPM)
➔ Windows 8 Enterprise
➔ Windows 8 Pro
➔ macOS Sierra (10.12)
➔ OS X El Capitán (10.11)
➔ macOS High Sierra (10.13)
Does it Work Only with Devices Who Have BitLocker Capability/TPM Chip?
Bitdefender GravityZone full disk encryption easily works with both the systems without or with TPM (Trusted Platform Module). For most of the devices of the system, TPM is optional, except for Windows Server 2008 R2 and Windows 7, where TPM is needed. TPM has to be version 1.2 or higher.
What Type of Disks Does GravityZone Encrypt?
Bitdefender GravityZone full disk encryption encrypts boot and non-boot volumes on fixed disks, laptops, and desktops. In addition, it offers easy remote management of the encryption keys. If you can try it on your removable drives, it does not work with this encryption. The Bitdefender GravityZone full disk encryption uses:
FileVault: It encrypts the boot volumes on Mac.
BitLocker: It encrypts the boot and non-boot volumes on Windows.
Diskutil: It encrypts non-boot volumes on Mac.
How Do I Easily Encrypt Volumes with GravityZone?
Bitdefender GravityZone full disk encryption levitates the native programs for encryption support on the Windows and macOS platforms.
At the time of applying a GravityZone policy with the Encryption element enabled:
➢ On Windows, the protection agent manages BitLocker to encode or decode volumes according to the policy.
➢ On macOS, the protection agent manages FileVault to encode or decode boot volumes and diskutil to encode or decode non-boot volumes.
Endpoint operators can operate FileVault, BitLocker, and diskutil on their own as long as the encryption element in the protection is disabled.
Encryption On Windows
To encrypt volumes with Bitdefender GravityZone full disk encryption on Windows endpoints, you are required to apply a policy with the Encryption element enabled and the Encryption option chosen. At the endpoint, the encryption rate depends on whether the device has a functioning TPM (Trusted Platform Module) or not.
Endpoints With TPM:
- The protection agent prompts the operators to configure a PIN. If the TPM does not run or GravityZone does not find it, the operator will be prompted to configure an encryption password.
- Then, you have to tap the Save button, and the protection agent shares a recovery key related to the encryption PIN to the GravityZone console. When the GravityZone sends a confirmation response to the protection agent, the encryption operation begins on the boot disk (C:). And it keeps doing so with the other disks.
On endpoints with TPM, the encryption operation begins without having a PIN from operators when the Bitdefender GravityZone full disk encryption policy has the option. If TPM (Trusted Platform Module) is active, do not inquire about the pre-boot password enabled.
When starting an encrypted device, the operators first type the PIN in the pre-boot area. It helps to unlock the boot volume, then the device credentials. The non-boot volumes are unlocked automatically.
Operators do not require to type PIN in the pre-boot area when the option“If TPM (Trusted Platform Module) is active.” Do not inquire about the pre-boot password enabled”in the Bitdefender GravityZone full disk encryption policy.
➔ Configure the smallest PIN length for a startup.
➔ Configure passwords for operating system drives, with the need for password complexity.
➔ Configure passwords on fixed data runs, with the need for password complexity.
➔ Disagree with standard operators from changing the password or PIN.
Endpoints Without TPM: –
- The protection agent prompts the operators to configure a PIN or password.
- And then, you have to press the Save button, and the protection agents share a recovery key related to the encryption password to the Bitdefender GravityZone console. When the GravityZone sends a confirmation response to the protection agent, the encryption operation begins on the boot disk (C:) and keeps doing so with the other disks.
Encryption On MacOS
To encrypt the volume on macOS endpoints, you are required to apply a policy with the Encryption element enabled and the Encrypt option chosen. At the time of policy is applied:
For the boot volume:
➔ The protection agent prompts the operators to go to their device credentials to begin encryption with FileVault.
➔ After pressing the ok button, the protection agent shares a recovery key to the Bitdefender GravityZone console, and the encryption operation begins. If you have clicked the Not Now option, the encryption window will fade away. And it will pop up after a while, as long as the policy is ON the endpoint.
For any non-boot volume:
➔ The protection agent prompts the operators to configure a PIN or password to begin encryption with diskutil.
➔ After pressing the Save button, the protection agent shares a recovery key to the Bitdefender GravityZone console. After that, the encryption operation begins. If you have clicked the Dismiss option, the encryption window will fade out. And it will pop up after a while, as long as the policy is active on the endpoint.
FAQs
Should you use Bitdefender GravityZone full disk encryption?
Volume level Bitdefender GravityZone full disk encryption helps secure from accidental loss or data theft by rendering data stored on hard drives. And it usually happens when an unauthorized operator tries to obtain access. So, yes, you should protect your data with Bitdefender GravityZone full disk encryption.
Is Bitdefender GravityZone full disk encryption overkill?
Simply set, full-disk encryption is excess for the situation you most likely have. The two encryption configurations we’ve modulated secure you in various ways. The main difference in the degree of protection between them is that file-based encryption. However, they secure the operator’s paper or document and media files.
What is Bitdefender GravityZone full disk encryption?
Bitdefender GravityZone full disk encryption is a solution provided by Bitdefender that helps or supports companies to comply with data regulations. Moreover, it prevents the loss or stealing of sensitive information in situations like lost or stolen machines. Bitdefender GravityZone full disk encryption provides you with easy remote management of the encryption keys.