The Sophos Community will be unavailable from 13:00 to 18:00 UTC this Saturday, October 1st for upgrades. Stay tuned to our Twitter account @SophosSupport for updates.
This article describes Persistent Encryption and how to enable or disable it.
Product SafeGuard LAN Crypt Client v.3.7x and above Client OS All supported operating systems
Windows/Windows Explorer and encryption A new (optional) extension in Windows Explorer makes sure that encrypted files remain encrypted during copy and/or move operations, even if there is no encryption rule defined for the target path. IMPORTANT: note that this feature is only available for operations in Windows Explorer. Operations in the command line and complex copy operations like “Save as…” started from different applications cannot be captured by the filter driver. SafeGuard LAN Crypt Persistent Encryption
There is a new feature in SafeGuard LAN Crypt (SGLC) version 3.7x, that warns the user if a copy operation would decrypt an encrypted file if there is no encryption rule on the target directory. The checking procedure can be disabled in the SGLC Configuration (gpedit.msc) or you can simply select the "don't show this warning again" checkbox.
There are six different warnings that are shown if "Persistent Encryption" is enabled, and a copy operation would cause an encrypted file to be decrypted. The warnings are as follows:
1- To enable or disable Persistent Encryption via the Registry of the client:
HKLM\Software\Policies\Utimaco\SGLANCrypt\LCShellx (Computer policy)
HKEY_CURRENT_USER\Software\Policies\Utimaco\SGLANCrypt\LCShellx ( User policy)
2- Using configuring group policy:
Computer Configuration | Windows Settings | SafeGuard | LAN Crypt Configuration | Persistent Encryption
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.