NMS for PC v2.8 is a file encryption system with some interesting bells and whistles. The software integrates into the Windows logon process, using logon to ensure that access to encrypted data is limited to authorized users.
But because of this integration, you also get a bunch of password security tools, which is impressive. NMS has taken some steps to integrate with other enterprise authentication solutions, but we were concerned about possible conflicts, so careful testing for your environment will be required.
The first downside came when we realized all users protected this way must be Windows power users (but the vendor tells us this has now been corrected).
Once installed, the software can encrypt files, folders or disks on demand using 128-bit 3DES.
This is transparent to the user – the only feedback is a little black dot on the file icon in the Windows file explorer (so if you are browsing the file system with anything else, you might be in for a surprise).
This is primarily aimed at mobile users who are worried about their hard disks being stolen – the user can easily email a file in its unencrypted form.
However, NMS does attempt to lock down copying where it can – removable disks, including USB tokens, can be set to automatically encrypt files as they are copied. This works for file servers too, although we were able to circumvent it easily enough by not using Windows Explorer to copy files.
A mass-deployment tool is provided, which helps in rolling out the software, although we were not keen on requiring users to run a provided executable. Have we not just weaned them off trusting incoming exes?
A password-recovery tool is also useful, providing a client-server challenge/response to reset the password. However, this must be set manually on a per-user basis, so this is not going to work for a large environment.
We like the ideas, but improved deployment and tools for large groups would make it a lot better. And, a nice touch, there is also a PDA version for PocketPCs.