File Share Encryption

 View Only
Back to discussions
Expand all | Collapse all

setting policies for workstations to not encrypt drive

  • 1.  setting policies for workstations to not encrypt drive

    Posted Jan 19, 2016 04:08 PM

    Hi I was wondering if anyone would able to help regarding the following scenario.

    Currently Symantec Encryption Desktop 10.3.2 is rolled out to all of my companies laptops.  It was being deployed via SCCM and did an auto encrypt of the HD as soon as agent was installed.  Desktops were out of scope till now.  We would like to start deploying the agent to the desktops,however the desktops would use only the file share and/or removable media encryption feature and most workstations will not have their hard drives encrypted.

    So in this scenario,

    what is the best way to deploy the Agent to all laptops and workstations but not allow encryption to automatically start and create a manual trigger for all future deployments.  Some workstations require no hard drive encryption and some do.

    Would this be a policy change on the SEMS server or is that only user base instead of computer based



  • 2.  RE: setting policies for workstations to not encrypt drive

    Posted Feb 11, 2016 10:56 PM

    Hi,

    I have read through your senario, I guess you also aware what is the solution.

     

    Create a new policy for the desktop group to meet the requirement. But you have to prepare a list of User for desktop group and enroll all the user using desktop into the group.

    as you mentioned and you aware that the SEMS is only support user base instead of computer based grouping.