10.1 What Is ZENworks Full Disk Encryption?

ZENworks Full Disk Encryption uses disk encryption and pre-boot authentication to protect the data on your computer’s local fixed volumes when the computer is powered-off or in hibernation mode.

10.1.1 Disk Encryption

ZENworks Full Disk Encryption encrypts local fixed volumes or partitions. For a single hard disk with multiple volumes, one or more of the volumes can be encrypted. All files on a volume are encrypted, including any temporary files, swap files, or operating system files. Because all files are encrypted, the data cannot be accessed when booting the computer from external media such as a CD-ROM, floppy disk, or USB drive.

ZENworks Full Disk Encryption only encrypts local fixed volumes. It does not encrypt removable volumes (USB drives and so forth) or network volumes.

10.1.2 Pre-Boot Authentication

Encrypted data is available after successful authentication. There are two levels of authentication that your ZENworks administrator can apply to your device:

  • Windows login: This is the standard Windows login screen. If Windows login is the only required authentication, you gain access to encrypted data as soon as you successfully log in.

  • ZENworks Pre-Boot Authentication (PBA): This added layer of access security uses MD5 checksums and strong key encryption, making it more secure than the Windows login. Before the Windows operating system boots, the ZENworks Pre-Boot Authentication screen is displayed. You gain access to encrypted data after you successfully log in to the ZENworks PBA. If your ZENworks administrator has not enabled single sign-on between the PBA and Windows login, you might also need to log in to Windows.