DescriptionCategory
Use recovery key — Specifies the Regular or User Personal key
that can be used to recover the encrypted removable media.
•
• Allow recovery password — Enables user to specify a password
during initialization that can be used to recover the encrypted
removable media.
• Allows user questions — Enables user to specify five questions
during initialization that can be used to recover the encrypted
removable media. To recover the device, user must answer at least
four questions correctly.
• Allow user certification — Enables user to attach a Windows
certificate during initialization that can be used to recover the
encrypted removable media.
• Options — Specifies general encryption options for the removable
media
• Exclude devices larger than — Disables encryption of devices
whose size is larger than the specified value. Default value is 8192
MB.
• Make unprotected files and folders read-only (when used
with EEFF) — Does not allow user to modify unprotected files and
folders on the device when used on a system with EEFF client.
• Floppy Disk Drives — Specifies encryption options for floppy disk drives.
• Make floppy disk drives Read-Only — Does not allow user to modify
files and folders on floppy disk drives.
• Exempt device IDs — Does not update the specified devices with the
changes in encryption policies.
• Add — Adds the ID of the device that will not be updated with the
changes in encryption policies.
• Remove — Removes device ID from exemption list.
• Edit — Edits the ID of the device that will not be updated with the
changes in encryption policies.
CD/DVD Encryption • None Selected — Does not encrypt while burning files and folders to a CD or
DVD. User can encrypt or decrypt files or folders using the context menu on
the client system, if required.
• Enforce encryption on CD/DVD write operations — Encrypts files and
folders while burning it to a CD or DVD with the selected key. If Decrypt key
is selected, Encrypt and Decrypt options in the context menu is disabled on
the client system.
• Do not allow writing to CDs and DVDs (make CD/DVD read-only) —
Does not allow user to write any files or folders on CD or DVD.
Encryption Options • Encryption Options
• Preserve file times — Does not change the file modified and accessed
time on encryption or decryption.
• Require authentication for listing of encrypted folders — Blocks
unauthorized users from browsing encrypted folders.
If the key used to encrypt a folder is not assigned to the user, then the
user cannot view the content of that folder if EEFF is installed. If the key
is assigned to the user, then the user can view the content of folders
encrypted with that key.
• Use wiping when encrypting and deleting files — Uses a secure delete
algorithm when encrypting files to ensure that no trace of the plaintext
data remains on the client system.
NOTE: File wiping may slow down encrypted file operations due to the
additional disk operations required.
Configuring EEFF policies using ePO
EEFF Policies
McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide18