"FDE" is usually thought of as the acronym for "full-disk encryption," but to CREDANT Technologies, "FDE" means "full-data encryption." The distinction is meant to emphasize that CREDANT Mobile Guardian (CMG) encryption can take place whether data is on a desktop, laptop, PDA, or USB stick and that it's granular, so administrators can set policies to determine which data is protected and against whom. Also important to CREDANT is that encryption should not interfere with IT administrative processes and should be transparent to users.

Lori Williams, VP of customer delivery for CREDANT, said the company's focus is on "protecting data regardless of where it is--regardless of the device type--and being able to manage that centrally." You set policies on the CMG central server and send them out to CMG Shield agent software on desktops, laptops, PDAs, and smart phones. "Security is not one-size-fits-all. We give administrators the ability to decide what to encrypt. It can be very granular," explained Williams. For example, CMG supports both common keys and user keys. So you could encrypt a file or folder with a common key such that anyone in the organization could open it, and you could encrypt another folder with a user key so that only that user has access to it.

CREDANT just released CMG Enterprise Edition 6.0, which added new management and reporting capabilities. Also new is CMG StandAlone Windows Shield to secure company data on machines that you don't centrally manage (such as a contractor or business partner's laptop).