Credant Technologies has released a new version of its enterprise software for securing Windows-based laptops with a feature that now can encrypt low-level system files without requiring users to input a second username-password combination.

This new feature is based on what the vendor calls system data encryption, which gives Credant Mobile Guardian the basic capability of specialized full disk encryption products without the additional authentication step for users, or the additional management burdens for administrators, according to company officials.

Also new in Credant Mobile Guardian (CMG) Enterprise Edition 6.0 are:

* CMG StandAlone Windows Shield, a small program that loads via CD or the Web onto a laptop owned by a visiting contractor or business partner, and automatically encrypts any company data the visitor receives.

* Support for Nokia E-series handsets, based on the Symbian OS 9 software.

* Protection for CD/DVD media.

* Enhanced audit reports that now quickly confirm the encryption status of data on a given laptop, in case the PC is lost or stolen.

Previously, Credant Mobile Guardian combined two different encryption keys: a user key that lets an executive, for example, encrypt Excel spreadsheets with company financial data, and a common key that will let someone like a help desk technician log into the laptop to work with system files or applications but not unscramble the spreadsheets.

In doing so, Credant uses a technique that relies on the user’s standard, Windows authentication user name and password. A  user simply logs into a laptop and accesses the encrypted files without doing anything different. Behind the scenes, the Windows credentials are passed in effect to a Credant “vault” on the laptop, which confirms their validity, and then opens the encryption keys to the scrambled files on the disk. The vault is part of the CMG Enterprise Edition Shield for Windows client application, which communicates with the CMG server.

With Version 6.0, Credant preserves that same technique even though it extends encryption to most system-level files. Without encryption, these underlying files, such as swap files, temp files and the registry, potentially are vulnerable to attackers, who could use them to gain control of the computer.