Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

USB devices must be read-only or PGP Portable

Created: 05 Aug 2012 • Updated: 04 Jun 2013 | 7 comments
JRoberto's picture
This issue has been solved. See solution.

I need to apply the following policy:
USB devices must be read-only or PGP Portable
the problem is that if I choose read-only, after creating the PGP Portable, PGP Portable is also read-only.
If I encrypt the USB device, the PGP Portable does not work on machines without PGP.
is possible to create a policy with read-only option  or writable PGP Portable?

Comments 7 CommentsJump to latest comment

Alex_CST's picture

You want the USB stick to be entirely read only AND encrypted?  Or is it possible to have just one of these options?

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

James Hawk's picture

I wasn't aware this was an option with PGP WDE. Might you be referring to PGP/Lumension Endpoint?

From your description you want a USB stick to be read-only unless it is encrypted where it will become writable? I know how to do this in Endpoint at least.

James Hawk's picture

What about the option Enable automatic encryption or locking of removable devices? It can be found under the Consumer Policy options > Desktop... > Disk Encryption.

An option below this is Lock device as read-only and provide users with the option to encrypt with PGP Whole Disk Encryption (Windows clients only) that sounds like it would do what you're after...

I'm not sure how long that option has been available, but I am currently using Universal Server 3.2.1 with PGP WDE 10.2.1.

mheathemmi's picture

this is exactly the issue I have.  I'm posting here in hopes that one of you found a solution and just did not post it here due to lack of interest.  any luck?

James Hawk's picture

Does my post help at all? Never got any feedback to know and we don't use it here for me to try it out.

JRoberto's picture

James,

Your post not solved the problem.

after enable the option: Lock device as read-only and provide users with the option to encrypt with PGP Whole Disk Encryption (Windows clients only)

appear a new problem: the PGP Portable after mounted  also is read-only.

this is the problem.

KMGilbert - Cohort's picture

Hi,

You need to add a special advanced pref under your consumer policy to make the default encryption for removable devices default to PGP Portable - need to add the property as a new key and set it to boolean true

The property is: 

portableForceRemovableEncryption

SOLUTION