Hello,
I'm testing the encrpytion for removabl media.
We want to prevent users from accessing work related files on their home machines, any files written to removable media should be encrypted and only be accessed on domain joined/network machines, the encrypted files can be shared and accessible under any login on any company domain joined machine.
We have chosed encryption with certficate to achieve this.
Here are the SEE RME Group policy settings for the package to meet these requirements:
Users may encrypt files with: A certificate
Users can use expired certficiates to encrypt files: Enabled
Encrypion of files using a recovery certficate: Use a recovery certificate (Recovery certficate has been added)
Encrypt or decrypt files with a Workgroup key: Enabled
A Certficiate has been rolled out to atest machines, so they have a default certificate to use for the encryption. It has been installed in the windows User/Personal certificate store so whenever they attempt to transfer files to removable media it should default to this cert for the encryption/decryption.
I have two test machines, both have SEE RME installed with above policy settings. When I encrypt files on one machine and try and access them on the other machine I get the below error.
How can I decrypt the files and make them accessible on all company machines, will having a workgroup key will allow files to be shared/accessible?
I'm interested in hearing from forum members who have experience in rolling out the Certficate encryption method.
Thanks