Pre-Boot Authentication
Full Disk Encryption (FDE) White Paper
Full Disk Encryption (FDE) has been hailed as the final word in Data-At-Rest (DAR) security by many in the industry, but some fail to recognize that encryption is only as secure as the authentication used to access it. Encryption without strong authentication is like locking your door and then leaving the key in the lock while you walk away. Leaving authentication to your operating system is one step better, but only gives you the security of hiding the key under your doormat.
A Pre-Boot Authentication (PBA) environment serves as an extension of the BIOS or boot firmware and guarantees a secure, tamper-proof environment external to the operating system as a trusted authentication layer. The Pre-Boot Authentication prevents Windows or any other operating system from loading until the user has confirmed he/she has the correct password to unlock the door. That trusted layer eliminates the possibility that one of the millions of lines of OS code can compromise the privacy of personal or company data