Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 7 replies
  • Answers 2 answers
  • Subscribers 8 subscribers
  • Views 17789 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SafeGuard Enterprise 8 - Removable Media Encryption Not Working

Lloyd Jones

Hello,

 

I've configured our Removable Media Encryption policy and it doesn't appear to be working. When a USB drive is plugged in, there are no prompts to encrypt and it is fully readable. I couldn't find what other settings need to be configured to get it working. The client does have the data exchange component installed and is licensed for it.

Thanks,

 



This thread was automatically locked due to age.
Parents
  • +1

    Hi Lloyd,

    Data Exchange is used for file based encryption not volume based.  Try changing the encryption mode to "file based".

    If that does not work, run an RSOP against the machine and user to confirm the policy is being applied correctly.

    Bill.

Reply
  • +1

    Hi Lloyd,

    Data Exchange is used for file based encryption not volume based.  Try changing the encryption mode to "file based".

    If that does not work, run an RSOP against the machine and user to confirm the policy is being applied correctly.

    Bill.

Children
  • 0 in reply to BillKearney

    Hi Bill,

    I believe the issue was that I didn't have the correct GPOs set to make this happen (I did want volume encryption, not file based). I'm now getting a BitLocker popup prompting me to encrypt the removable drive when I connect it, but after encrypting the removable drive doesn't show up in SafeGuard Management center. Is there a guide on exactly which GPO settings and SafeGuard settings need to be in place to manage BitLocker removable disks via SafeGuard Management Center? 

     

    I presume that I should get a SafeGuard popup on the client machine asking to encrypt, not a BitLocker one.

  • 0 in reply to Lloyd Jones

    I also wanted to clarify that I'm working with Windows 10.

  • 0 in reply to Lloyd Jones

    Just updating this thread as I get more info. It looks like the SafeGuard Management Center doesn't even see the USB drive under "Drives" for the machine. I've tried formatting it as NTFS and FAT32 to see if that made a difference, but it doesn't. Am I missing something here? I'm guessing that even if the USB drive isn't encrypted, SafeGuard should at least show it in the console.

  • +1 in reply to Lloyd Jones

    Hi Lloyd,

     

    Safeguard only supports Bitlocker encryption for internal and external hard disks.

    For removable media you would need to use the Safeguard Data Exchange module.

    Bill.

  • 0 in reply to BillKearney

    I had this same problem and found the answer here after wasting >1 hr on it. If someone at Sophos is reading, maybe the SafeGuard Management Console could be configured to disallow selecting Volume-based encryption for removable media ... or at least pop up a warning?

Unfiltered HTML