Overall Satisfaction with Symantec Endpoint Encryption
We use Symantec Endpoint Encryption in our remote laptops to protect against any data theft in the event a laptop is lost or stolen. Since many remote users tend to keep a majority of their files stored locally, this is more important than someone located in the office where a majority of files are located on a network drive.
- We can manage and view the status of each client from a centralized server.
- It sync passwords with the local Windows account so there are no additional passwords the user needs to remember.
- Our help desk is able to use the One-time password feature if the passwords get out of sync and the user is locked out.
- The process to set up a user account is a real pain. Symantec requires the user answer a bunch of security questions if they need to reset their password, but no one ever remembers the answers to the questions that they selected.
- Since we use this for remote users who don't always connect to our VPN, when they change their network password it isn't always reflected in Windows and the Symantec Endpoint Encryption (SEE) passwords frequently get out of sync. When the user eventually does connect to the VPN, they do sync and really throw the user for a loop in which passwords to use.
- We found a huge problem with SSDs where an encrypted drive operated twice as slow as a mechanical drive. I believe this was addressed in a later release.
- I can't think of any positive impacts to ROI. To my knowledge, we've never had a laptop go missing where SEE had protected the data. I guess that's a good thing?
- Negatively, we spend a lot of time getting it to operate effectively (usually during the boot up/logging in process). Which is usually only a temporary fix because passwords never stay in sync because of our environment with off-site users
We find it very difficult to manage. Users are always needing their passwords reset as they rarely stay in sync with Windows. And from a security standpoint, if the user account is compromised, then the encryption is useless because it's the same password. The time to encrypt or decrypt a drive seems much longer than I would expect and many users experienced a huge decrease in performance with an encrypted drive.