Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Encryption Blog

Ensuring Disks are Encrypted

Created: 01 Apr 2009 • Updated: 05 Nov 2012
Doug McLean's picture
0 0 Votes
Login to vote

Q: I want to do an audit of my IT environment to see which machines are encrypted.  I want to make sure the machine's encrypted, not just have PGP installed.

A: The best way to do this is to run a managed environment using PGP Universal. If, however, you're running an un-managed environment there are other ways to check. If you have physical access to the machine, go to the command line and type:  pgpwde --status --disk 0. The response will tell you if the disk is instrumented with bootguard or not which indicates whether or not the disk is encrypted.

If you don't have physical access to the machine in question, but you can access via the 'net, you'll need to use the schtasks.exe command with something like this:

@echo off
for /F "tokens=1,3,5,9 delims= " %%A in ('pgpwde --disk-status --disk 0') do if "%%A"=="Total" (set /a WDEStatus="((%%C+%%D)/%%B)*100" )
echo Disk is %WDEStatus%%% encrypted.

(Note that there are only 3 lines: @echo off, for /F (until the line ends with *100" ), and echo Disk...encrypted)