DriveLock Customer Forum
Information
7 results found
-
Use of user groups for Bitlocker policies
Currently it is not possible to assign Bitlocker policies to individual user groups. Would be great to have such ability for clients with logged on service accounts or specific users which are not able to read the Bitlocker pre-boot message, i.e. visually impaired users.
2 votesIf you want to make exceptions to the policy assignment, it's a good idea to create a computer group where all the computers are members for which you want to make an exception. You can either add the computer group as an exclude in the assigned group, or work with conditional settings within the policy. Even if we could handle exceptions for a user group, which we can't at the moment, the currently logged on user is tricky because this exception wouldn't apply either before or after user logon. DriveLock should introduce a new assignment type based on the principle of computer ownership. Then, the admins can assign the group of owners. In the background, the membership is resolved and the policies are assigned to computers according to owner.
-
TPM PCR (Platform Configuration Register) Settings should be possible to set more detailed
We need to set the PCR Settings more detailed, for example PCR-0,2,3,4,7 and 11,so that we can follow our internal company security guidelines for securing our Windows 10/11 clients. As by today this is only possible by Microsoft GPO Settings, because the Drive Lock settings are not precise enough and will "combine" several settings (PCR-0,2,11) into one option for "yes or no" only.
As far as we understand there are 2 "Global options" in the BitLocker-Settings, which are the options behind PCR settings.
Reference: https://drivelock.help/versions/2023_2/web/en/complete/content/encryption/tasks/task_bl_pbaset.htm
The 1st Option "Automatically unlock ..." will set (hardcoded at BitLockerVolume.cpp / PCR 0,2 and…
1 vote -
Support Imprivata credential provider
For synchronization of users/credentials and for a Windows SSO after successful authentication of the user at the DriveLock PBA, a connection of the DriveLock Credential Provider to the Credential Provider of the Imprivata Agent is required (Credential Provider Wrapper).
1 vote -
802.1x support for SSO in the PBA/Win-Login
Currently the Single-Sign-On method for the PBA or for Windows doesn't support port configuration of 802.1x.
That hinder us from using this feature.So I'd like to suggest implementing the support of a port configuration 802.1x to use the SSO in the PBA/Win-Login.
1 vote -
DUO MFA Compatibility
We use Cisco sDUO as MFA for Windows. Unfortunately, the compatibility in connection with the PBA is missing here and thus no users are synchronized automatically.
2 votesWe continue to collect other customer's votes for this idea.
-
Mobile Encryption Application (macOS): Encryption 2 Go Container not visible without enabling hidden files visibility
When a USB flash drive encrypted with DriveLock Encryption 2 Go (container.based) is plugged in on a Mac the encrypted container is not visible on the USB flash drive. Only the DriveLock Mobile App (MEA) for Windows and macOS is visible. So, users cannot add the container to MEA to open it.
Current workarounds:
- Enable hidden files in Finder with the following command: "defaults write com.apple.finder AppleShowAllFiles YES"
- Invoke the MEA via command line and pass the path to the container as argument.Both workarounds are not an option for regular users.
3 votes -
Persistant File Encryption
As a user I want to have files automatically encrypted when saved into a specific directory, but when I copy or move this file out of this directory it should stay encrypted until an authorized user explicitly stores a decrypted version or manually decrypts it.
4 votes
- Don't see your idea?