Scan QR code or get instant email to install app
Download ITEXAM Prep app now
Scan QR code or get instant email to install app
Question:
Any data that is sitting somewhere on a drive is considered data-at-rest. It needs to be protected even when it isn't transferring between different network locations. It is not a smart approach to let the employee decide what should be encrypted using EFS since it leaves too much room for human mistake. There are third-party companies that focus on protecting data-at-rest. Utilizing MDM (mobile device management) software is another option. MDM enables the IT administrator to enforce encryption on remote devices, even those owned by staff members who use their personal devices for work-related purposes. Using MDM software, company data can be removed from a lost or stolen device. A solution for encrypting entire hard drives is BitLocker, but it requires Windows 10 or 11 Pro or higher editions plus a TPM (Trusted Platform Module) chip or module on the motherboard. In the TPM, BitLocker stores an encryption key that can only be accessed if the computer started as expected.