An enterprise computing environment uses network connected computers (e.g., a personal computer, a workstation, a thin client computer, etc.) to provide end users with tools for the modern office. Some network connectable computers include a resident encryption module as part of the built-in, or installed software provided with the computer. The resident encryption module performs a consumer-orientated disk encryption implemented during setup of the computer.
The resident encryption module can provide storage of the user's encryption key on a server designated by the operating system's provider. For example, Apple's Mac OS X Lion operating system (Apple, Inc., Cupertino, Calif.) includes a resident encryption module branded FileVault 2 that provides such an option. The encryption key can be retrieved over the phone by providing specific personal information. The encryption retrieval process is available to enable a user to access their personal data in the event of a forgotten operating system username and password.
Storing a disk encryption password on a server outside of the enterprise computing environment and control does not meet the high standard security protocol implemented by the enterprise itself. Further, retrieval of the encryption key via a telephone call by providing personal information also does not meet enterprise security protocol.