The CEO of the company uses the latest Check Point Endpoint client on his laptop. All capabilities are enabled, and FDE has been applied. The CEO is on a business trip and remembers that he needs to send some important emails, so he is forced to boot up his laptop in a public area. However, he suddenly needs to leave and forgets to lock or shut down his computer. The laptop remains unattended. Is the CEO's data secured?
Full Disk Encryption (FDE) primarily protects data when the computer is turned off or locked. If the laptop is booted and left unattended without being locked or shut down, the encryption does not protect the data at that moment. Anyone who gains physical access to the device during this time can view and access all open data and applications until the computer auto-locks or is manually locked.
Exact Extract from Official Document:
'Pre-boot Protection requires users to authenticate to their computers before the computer boots. This prevents unauthorized access to the operating system using authentication bypass tools at the operating system level or alternative boot media to bypass boot protection.' This implies that once booted and logged in, the data is accessible if the laptop is left unattended and unlocked.
Check Point Harmony Endpoint Specialist R81.20 Administration Guide, Section: 'Pre-boot Protection'.