Mac OS X Pre-Boot Authentication support
PGP WDE now supports Mac OS X boot disks.

PGP Whole Disk Encryption locks down the entire contents of a system or an external or USB flash drive. Boot sectors, system files, and swap files are all encrypted. Whole disk encrypting the boot drive means not having to worry if a computer is lost or stolen: to access data, an attacker would need the appropriate passphrase.

Multiple Ways to Share Data
Users can create storage-independent encrypted containers for transport and sharing of specific files using PGP Virtual Disk and PGP Zip.

• PGP Virtual Disk volumes - Uses part of the hard drive space as an encrypted virtual disk volume with its own drive name. A PGP Virtual Disk is the perfect place for storing sensitive files; it is as if they are stored in a safe. When the door of the safe is open (when the volume is mounted), files can be changed, taken out or moved into it. Otherwise (when the volume is unmounted), all the data on the volume is protected. PGP Virtual Disks are also self-expanding: they automatically grow to accommodate increases in data size, eliminating initial space allocation constraints.
• PGP Zip - Adds any combination of files and folders to an encrypted, compressed, portable archive. PGP Desktop must be installed on a system to create or open a PGP Zip archive. PGP Zip is a tool for securely archiving sensitive data, whether to distribute it to others or to back it up.

Secure File Deletion
PGP Shredder completely destroys files and folders so that even file recovery software cannot recover them. Deleting a file using the Trash does not actually delete it; it sits on the drive and eventually gets overwritten. Until then, it is trivial for an attacker to recover that file. PGP Shredder, in contrast, immediately overwrites files multiple times. This is so effective that even sophisticated disk recovery software cannot recover these files. This feature also completely wipes free space on drives so that deleted data is truly unrecoverable.

Key Management
The private key decrypts messages sent encrypted to the public key and secures the PGP Virtual Disk volumes. Public keys encrypt messages to others or to add users to PGP Virtual Disk volumes.

For (optional use) in a centrally managed environment with PGP Universal Server:
Centralized Management, Deployment, & Policy
Automate provisioning, user and key management, and policy enforcement across email, disk, removable media, and network file encryption using PGP Universal Server's web-based management console. Role-based administrative access enables administrative separation of duties.

Event Logging
Comprehensive logs record all administrative and disk encryption operations for auditing and security best practices.

Recovery Passphrase

• Automatic generation and central storage of unique one-time-use recovery passphrase enables remote assistance.
• Automatically resets the recovery passphrase after each use, reducing administrative overhead.

Policy-Driven Encryption of Removable Media
PGP Whole Disk Encryption users managed by PGP Universal Server automatically apply encryption of removable media according to policy, ensuring consistent data protection for these easily lost devices.

Supported Operating Systems

Mac OS X

• Mac OS X 10.4.10 and later (Intel-based Macs, system volumes only)
• Mac OS X 10.4.X and Mac OS X 10.5.X (Intel and PPC platforms, non-system volumes only)

Supported Keyboard Languages

• English

Authentication Options

• OpenPGP RFC 4880 keys
• X.509 certificates

Symmetric Key Algorithms – PGP Whole Disk Encryption

• AES 256-bit keys

Centralized Management Requirements

• PGP Whole Disk Encryption is centrally managed by PGP Universal Server which requires a dedicated hardware server. For supported hardware and other information, please refer to the PGP Universal Server technical specifications.