We are running the product on-premises but are considering migrating to the cloud. Upgrades from one version to another may only sometimes be straightforward, especially if one needs a clearer understanding of the process.
It doesn't have traffic intelligence or a good UI, and it's difficult to integrate the solution with the DLP. When integrating with DLP, we have to work with endpoint computers, and though we give the package and teach users, they find it very hard.
Learn what your peers think about Symantec Endpoint Encryption. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
In the future, the solution needs network folder encryption that can be done on Macintosh. The solution presently doesn't let network folder encryption be done on Macintosh.
We'd like the solution to be lighter. Symantec used quite a lot of memory. The product can be expensive. Price was a factor in moving away from the product. We'd like it to offer a better decryption tool. If we lost the recovery key, we had a lot of issues.
The only challenge which I see is that they are no longer the major market player. They have too high of a price tag. That's why they're losing the market share. Technical support needs to be better. They need more skilled techs and they need to be faster at responding.
Forensic Technology Manager at a financial services firm with 5,001-10,000 employees
Real User
Top 5
2021-08-13T12:44:37Z
Aug 13, 2021
The primary objective is to encrypt drives. It's doing a good job. I cannot recall coming across any missing features. From an administration point of view, maybe it would be ideal to have it centrally managed.
Project Manager at a tech services company with 51-200 employees
Real User
2021-06-15T20:32:29Z
Jun 15, 2021
What I didn't find helpful in the version we used is the fact that all devices had to be on the same network for us to push through the encryption. With lockdowns and people working from home nowadays because of the COVID-19 pandemic, there's no way to deploy a solution in that manner. It should be easier to classify documents that should be encrypted, that is, to create policies for documents that should be encrypted. Maybe, it should be according to departments as well. Customization should be a bit more granular because nowadays, things are very dynamic. Environments are very fluid. So, the policies should reflect that. In terms of the policies you can apply, there should be a bit more granularity to it, and it should be something that you can turn on and turn off as needed.
Project Engineer (Engineer II) at Sarawak Energy Berhad
Real User
2021-04-29T19:47:17Z
Apr 29, 2021
If it could offer seamless upgrades to seamlessly do the switching that would be great. That's the pain point here now. The setup time takes quite a while sometimes. The encryption, once you install a new computer, takes a few hours to encrypt. From our testing, it feels like nothing is being restored, however, it's actually running in the background. We'd like to switch from Symantec due to the fact that the switching part is a pain. If we want to switch our Windows it will be a pain to do that. We have thousands of machines. It would be a hassle if you have to switch every time to do that. The initial setup is a bit complex.
Manager at a financial services firm with 201-500 employees
Real User
2021-02-09T17:21:14Z
Feb 9, 2021
Its decryption time needs to be improved. Currently, its decryption time is very long, and it takes double time than encryption. They need to work on that. Its encryption time is fine.
There are some issues with the single sign-on with the active directory. We had a few problems related to the synchronization between the active directory and the login features of the Symantec products because the users made many password changes during the day. The time for synchronization with the solutions can be improved. I would like to see mobile encryption. There should be a possibility to include all the mobiles of a company in the console. Many customers are asking about encryptions for tablets or cell phones, but we don't have any product that we are comfortable with to recommend to our customers.
Manager at a tech services company with 51-200 employees
Real User
2020-10-04T06:40:15Z
Oct 4, 2020
Its remote deployment should be improved. Currently, there is no remote deployment for Symantec Endpoint Encryption. You have to install it manually. There are some issues with AD integration and the time taken to reflect a password on the Endpoint Encryption Manager when a new user has changed the password, but they are already working on these issues, and these will be resolved in the next release.
The solution does slow down the device a little bit, once it's installed. The Windows 10 comes with Defender. It has its own security layer. It's supposed to protect desktops and laptops running Windows 10. Right now, our question is, what is the additional protection we get from using any other antivirus or other packages on these machines? Symantec isn't really making it clear how they add to or enhance the level of protection we'd get from them if we kept them with Defender already on Windows 10.
Assistant System Engineer at a tech services company with 51-200 employees
Real User
2020-07-06T08:10:00Z
Jul 6, 2020
Currently, all the software has been managed by BitLocker, but Windows does not suit every encryption management software. There are many apps that do that kind of thing. All the features are there so I don't think that needs to be on encryption software. I'm working with some end point management software and they are managing the software and connections, what can be installed and what is restricted, etc... But more features need to be included in the encryption software.
TitleGeneral Manager at a tech services company with 501-1,000 employees
Real User
2020-01-12T12:02:00Z
Jan 12, 2020
I do not find the environment to be very user-friendly. The technical support is not very good, especially for issues involving the encryption. If the user loses their encryption key then the process for recovering it is complicated and should be made simpler. During the last upgrade, I experienced some data corruption on my laptop. I was unable to view the data, nor get support from Symantec.
From the technical side, I am fine with the features as they are, I am not sure where they might have the need for improvement, and I don't have a solid opinion about it. For the Symantec company and products, they need to engage in more marketing activities in the Middle East because they are not focusing on our needs. They need some stability in their own business structure because they have been buying a lot of companies that go out of the market. There are so many changes that Symantec makes that the ordering systems become affected. Sometimes it has been nightmarish to just finish transactions on Symantec systems because of all the product fluctuation. They need to review the channel procedures, their internal procedures from the distributor and have some activities with their consumers to be more aware of the market. I think in general that they need to be more conscious of the potential in the Middle East and have a better presence, but I don't know what else they can provide as far as functionality. From my standpoint, all that I need, I found in their solution. The product itself is very good but they have organizational issues.
System Administraor at a tech services company with 11-50 employees
Real User
2019-12-12T07:48:00Z
Dec 12, 2019
The hard drive encryption needs to be improved. There is an issue, for example, where we cannot easily do Microsoft updates. The updates stop before the PGP reboot is complete. So when PGP encryption from the hard drive is active, we can't update Microsoft Windows. As a work-around, we have to decrypt the encrypted hard drive, which takes an hour every time, and then do the updates and then encrypt again. It is time-consuming and there must be a better solution. One other improvement I would like to see is the ability to get support directly from the seller. There should be a better way to open tickets directly from the seller to eliminate delays and have a better way that we can contact them and get help when we need it. Technical support is a problem.
Information Security Senior Expert (Founding member, African Cybersecurity Center) at a financial services firm with 10,001+ employees
Real User
2019-11-18T07:22:00Z
Nov 18, 2019
We need to develop a process for this solution. We can't deploy the solution without being assisted by or followed by a process. Also, we need to define the process for administrative responsibilities, and the help desk to be notified for every issue with the solution by the users. If for example, a user forgets the endpoint key, they cannot access their data. We need a support team that is a single point of contact for the IT entity to be trained and to have documentation for troubleshooting and managing the solution. We would like the editors or solution providers to present us with a roadmap of the new features and their functionalities. If we were to have this roadmap, we could define our roadmap to integrate the new features.
Senior Security Consultant at a tech services company with 201-500 employees
Real User
2019-10-29T09:45:00Z
Oct 29, 2019
The main concentration has been on upgrading the cloud version with new features and cloud security. They are mostly providing the cloud version and stopping with the on-premises version. I think that they should improve the on-premises version to include the manageability and simplicity that is available on the cloud. This should all be included in the on-premises version. Currently, the on-premises version is tricky and difficult. They should be looking at the on-premises deployment and simplifying it. In the next release, I would like to see the uninstall feature be more advanced.
Endpoint Specialist at a computer software company with 201-500 employees
Real User
2019-09-25T05:10:00Z
Sep 25, 2019
When we started at that time, the engineers configured the solution only for our roaming users. Now, we have to reconfigure to SQL because we have almost 10,000 clients. We have to do this through SQL because we cannot keep a record of each client. The agent can be improved on the solution. Right now, we have an Endpoint Protection agent as well as an encryption agent and another for the DLVs and other services. We would prefer a single agent for the entire product. Endpoint Encryption should be the same as Endpoint Protection. However, for security purposes, we don't want to show to the client the hard drive encryption and all of those related features. If the solution could remove this visibility on the client level and keep it on the control level of the server, that would be better. We don't want to show to the user the security policies.
Senior Security Analyst at a tech vendor with 11-50 employees
Real User
2019-03-11T07:21:00Z
Mar 11, 2019
I would like them to have integration with a wider range of non-Symantec products. It is the industry standard product with the common set of features, but we would like extra features added on.
Information System Security Manager at a aerospace/defense firm with 10,001+ employees
Real User
2019-03-11T07:21:00Z
Mar 11, 2019
Semantic is out there doing the work, identifying viruses and malware that come out weekly. That's the real-world landscape and they're pushing that stuff out as quickly as they can. But I can only patch monthly. I don't know what the solution is there, besides being vulnerable for three weeks out of four. But there's got to be an option somehow.
Symantec Drive Encryption, powered by PGP technology provides organizations with strong full-disk and removable media encryption and the ability to integrate with Symantec Data Loss Prevention. Intuitive management enables enterprise scale deployments and features compliance-based, out-of-the-box reporting plus customizable reports. Management capabilities include support for native OS encryption (FileVault2) and Opal compliant self-encrypting drives.
I would like to see some features or functionality enhanced in Symantec Endpoint Encryption.
I would like to have less frequent updates.
We are running the product on-premises but are considering migrating to the cloud. Upgrades from one version to another may only sometimes be straightforward, especially if one needs a clearer understanding of the process.
The GUI could use some enhancement, particularly in making option sets easier to locate on client machines.
When you install Symantec, your system will become slow. They need to work on the console.
It doesn't have traffic intelligence or a good UI, and it's difficult to integrate the solution with the DLP. When integrating with DLP, we have to work with endpoint computers, and though we give the package and teach users, they find it very hard.
In the future, the solution needs network folder encryption that can be done on Macintosh. The solution presently doesn't let network folder encryption be done on Macintosh.
The solution does not have endpoint control. It should be included so clients can easily uninstall their endpoints.
The UI could be improved.
We'd like the solution to be lighter. Symantec used quite a lot of memory. The product can be expensive. Price was a factor in moving away from the product. We'd like it to offer a better decryption tool. If we lost the recovery key, we had a lot of issues.
The only challenge which I see is that they are no longer the major market player. They have too high of a price tag. That's why they're losing the market share. Technical support needs to be better. They need more skilled techs and they need to be faster at responding.
The primary objective is to encrypt drives. It's doing a good job. I cannot recall coming across any missing features. From an administration point of view, maybe it would be ideal to have it centrally managed.
What I didn't find helpful in the version we used is the fact that all devices had to be on the same network for us to push through the encryption. With lockdowns and people working from home nowadays because of the COVID-19 pandemic, there's no way to deploy a solution in that manner. It should be easier to classify documents that should be encrypted, that is, to create policies for documents that should be encrypted. Maybe, it should be according to departments as well. Customization should be a bit more granular because nowadays, things are very dynamic. Environments are very fluid. So, the policies should reflect that. In terms of the policies you can apply, there should be a bit more granularity to it, and it should be something that you can turn on and turn off as needed.
The security could be improved.
If it could offer seamless upgrades to seamlessly do the switching that would be great. That's the pain point here now. The setup time takes quite a while sometimes. The encryption, once you install a new computer, takes a few hours to encrypt. From our testing, it feels like nothing is being restored, however, it's actually running in the background. We'd like to switch from Symantec due to the fact that the switching part is a pain. If we want to switch our Windows it will be a pain to do that. We have thousands of machines. It would be a hassle if you have to switch every time to do that. The initial setup is a bit complex.
Its decryption time needs to be improved. Currently, its decryption time is very long, and it takes double time than encryption. They need to work on that. Its encryption time is fine.
There are some issues with the single sign-on with the active directory. We had a few problems related to the synchronization between the active directory and the login features of the Symantec products because the users made many password changes during the day. The time for synchronization with the solutions can be improved. I would like to see mobile encryption. There should be a possibility to include all the mobiles of a company in the console. Many customers are asking about encryptions for tablets or cell phones, but we don't have any product that we are comfortable with to recommend to our customers.
Its remote deployment should be improved. Currently, there is no remote deployment for Symantec Endpoint Encryption. You have to install it manually. There are some issues with AD integration and the time taken to reflect a password on the Endpoint Encryption Manager when a new user has changed the password, but they are already working on these issues, and these will be resolved in the next release.
The solution does slow down the device a little bit, once it's installed. The Windows 10 comes with Defender. It has its own security layer. It's supposed to protect desktops and laptops running Windows 10. Right now, our question is, what is the additional protection we get from using any other antivirus or other packages on these machines? Symantec isn't really making it clear how they add to or enhance the level of protection we'd get from them if we kept them with Defender already on Windows 10.
Currently, all the software has been managed by BitLocker, but Windows does not suit every encryption management software. There are many apps that do that kind of thing. All the features are there so I don't think that needs to be on encryption software. I'm working with some end point management software and they are managing the software and connections, what can be installed and what is restricted, etc... But more features need to be included in the encryption software.
I do not find the environment to be very user-friendly. The technical support is not very good, especially for issues involving the encryption. If the user loses their encryption key then the process for recovering it is complicated and should be made simpler. During the last upgrade, I experienced some data corruption on my laptop. I was unable to view the data, nor get support from Symantec.
From the technical side, I am fine with the features as they are, I am not sure where they might have the need for improvement, and I don't have a solid opinion about it. For the Symantec company and products, they need to engage in more marketing activities in the Middle East because they are not focusing on our needs. They need some stability in their own business structure because they have been buying a lot of companies that go out of the market. There are so many changes that Symantec makes that the ordering systems become affected. Sometimes it has been nightmarish to just finish transactions on Symantec systems because of all the product fluctuation. They need to review the channel procedures, their internal procedures from the distributor and have some activities with their consumers to be more aware of the market. I think in general that they need to be more conscious of the potential in the Middle East and have a better presence, but I don't know what else they can provide as far as functionality. From my standpoint, all that I need, I found in their solution. The product itself is very good but they have organizational issues.
The hard drive encryption needs to be improved. There is an issue, for example, where we cannot easily do Microsoft updates. The updates stop before the PGP reboot is complete. So when PGP encryption from the hard drive is active, we can't update Microsoft Windows. As a work-around, we have to decrypt the encrypted hard drive, which takes an hour every time, and then do the updates and then encrypt again. It is time-consuming and there must be a better solution. One other improvement I would like to see is the ability to get support directly from the seller. There should be a better way to open tickets directly from the seller to eliminate delays and have a better way that we can contact them and get help when we need it. Technical support is a problem.
We need to develop a process for this solution. We can't deploy the solution without being assisted by or followed by a process. Also, we need to define the process for administrative responsibilities, and the help desk to be notified for every issue with the solution by the users. If for example, a user forgets the endpoint key, they cannot access their data. We need a support team that is a single point of contact for the IT entity to be trained and to have documentation for troubleshooting and managing the solution. We would like the editors or solution providers to present us with a roadmap of the new features and their functionalities. If we were to have this roadmap, we could define our roadmap to integrate the new features.
The main concentration has been on upgrading the cloud version with new features and cloud security. They are mostly providing the cloud version and stopping with the on-premises version. I think that they should improve the on-premises version to include the manageability and simplicity that is available on the cloud. This should all be included in the on-premises version. Currently, the on-premises version is tricky and difficult. They should be looking at the on-premises deployment and simplifying it. In the next release, I would like to see the uninstall feature be more advanced.
When we started at that time, the engineers configured the solution only for our roaming users. Now, we have to reconfigure to SQL because we have almost 10,000 clients. We have to do this through SQL because we cannot keep a record of each client. The agent can be improved on the solution. Right now, we have an Endpoint Protection agent as well as an encryption agent and another for the DLVs and other services. We would prefer a single agent for the entire product. Endpoint Encryption should be the same as Endpoint Protection. However, for security purposes, we don't want to show to the client the hard drive encryption and all of those related features. If the solution could remove this visibility on the client level and keep it on the control level of the server, that would be better. We don't want to show to the user the security policies.
I would like them to have integration with a wider range of non-Symantec products. It is the industry standard product with the common set of features, but we would like extra features added on.
We would like some advanced security protection features.
Semantic is out there doing the work, identifying viruses and malware that come out weekly. That's the real-world landscape and they're pushing that stuff out as quickly as they can. But I can only patch monthly. I don't know what the solution is there, besides being vulnerable for three weeks out of four. But there's got to be an option somehow.
I would like them to improve their support.