This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Encrypting of USB Memory Stick

Hi,

I am fairly new to Sophos SafeGuard and wondered if someone can point me in the right direction of encrypting a USB Memory Stick using the Sophos SafeGuard Console?

Thanks and kind regards,

Dan Petford



This thread was automatically locked due to age.
Parents
  • Hi Dan - I think the VERY first step is Business Change. Any drastic change to policy (if you currently allow "free-reign") will have to be communicated to everyone. You will not be the most popular man at the party if you "accidently" encrypted Vera's France holiday photos, or the bosses PowerPoint presentation. 

    Second step I would create a test group of PC's and apply the policy to these only. You'll have to test this a great deal to be 100% confident in it.

    Third step - The policy creation. Best to go for Synchronised Encryption for USB rather than location based, especially if you have the existing hard drive/SSD encrypted.

    Are you wanting to encrypt the whole stick or files on it?

  • Thanks Michael,

    I want to encrypt the whole stick before we issue them out.

    I have made a Test Policy Item and a Test Policy Group, how do I now assign myself to it as a test?

    Kind regards, Dan Petford

  • Well done - good start!

    Once you've made the group (I was just going to advise you created a group rather than individually assigning!) you need to apply it either to the OU/container you're working with or the root of the OU. I use the root here for one of my policies so that'll it can apply to any object within the tree.

    Go to the root (or the OU you want to apply the policy/policy group to) - use the Policies tab. 

    Drag in the policy OR the policy group.

    Automatically it'll be applied to all users and computers in the bottom half. This will NOT be desired for your policy. 

    Click on Authenticated Users and remove it.

    Click on Authenticated Computers - remove this.

    On the bottom right - drag in yourself as a user/group.

    Click Save.

     

    Find your PC - Use your RSOP Tab and put in YOUR username/group. Click search to confirm the policy IS being applied to you AND/OR your PC.

     

    Refresh your client on your PC to get the new policy. You should see "New policies received" on the client.

     

    Hope this helps?

Reply
  • Well done - good start!

    Once you've made the group (I was just going to advise you created a group rather than individually assigning!) you need to apply it either to the OU/container you're working with or the root of the OU. I use the root here for one of my policies so that'll it can apply to any object within the tree.

    Go to the root (or the OU you want to apply the policy/policy group to) - use the Policies tab. 

    Drag in the policy OR the policy group.

    Automatically it'll be applied to all users and computers in the bottom half. This will NOT be desired for your policy. 

    Click on Authenticated Users and remove it.

    Click on Authenticated Computers - remove this.

    On the bottom right - drag in yourself as a user/group.

    Click Save.

     

    Find your PC - Use your RSOP Tab and put in YOUR username/group. Click search to confirm the policy IS being applied to you AND/OR your PC.

     

    Refresh your client on your PC to get the new policy. You should see "New policies received" on the client.

     

    Hope this helps?

Children