Overview: Encryption policy is a group of settings available for the SEM administrator to manage encryption on all local volumes and removable devices on client computers. The encryption policy is implemented using Seqrite Volume Encryption software installed on client computers.
Applicable Versions:
Windows XP, 7, 8 and 10 32 and 64 bit (Max version support build 2009)
Windows server 2008, 2012 and 2016, 2019 64 bit (Max version support build 1903)
Encryption policy includes the following settings:
Policy name
Fixed drive action. The following actions are possible:
▪ Encrypt: When you apply this policy, you ask the user on the client computer to enter a
password and start the encryption process. With this policy, all the local volumes will be
encrypted. However, the mapped network drives will not be encrypted.
▪ Decrypt: When you apply this policy, you initiate the decryption process on the client
computer.
▪ Manage locally: With this option, you give the rights to the user to manage the
encryption process on the local or single computer.
Encrypt volumes without drive letter (mount points): You can select this check box, if
you want to encrypt mount points.
Settings for removable devices:
Encrypt : When this check box is selected and a removable device (i.e. a USB drive) is
connected to the computer, the user will be asked to enter a password and start the
encryption of the removable device. If the user refuses to encrypt, then access to the
removable device will be restricted. The restriction on the removable device will read-only
or blocked depending on the other option selected.
When this check box is not selected, the user will not be forced to encrypt the removable device.
For an encrypted removable drive, the user will be able to enter the password either to
decrypt or continue using it.
▪ Read-only access if media is not encrypted: You can select this option to provide read-only access to the removal device if the user resist to encrypt the removable device.
▪ Block access if media is not encrypted: You can select this option to block complete
access to the removal device if the user resist to encrypt the removable device.
• Encryption algorithm: You can use different encryption algorithms to manage the policies.
SEM provides different algorithms such as; AES, RC6, Twofish, and Serpent.
• Single Sign On Action: The SEM Administrator can apply Single Sign On policies on the
endpoints using the Single Sign On actions such as:
▪ User Control: With this action, the Administrator gives the endpoint user the privilege
to associate with Single Sign On authentication on their own. It is user’s choice to enable
Single Sign On or not.
▪ Enable: When this option is selected, the Administrator directly applies the Single Sign
On authentication policy. The user will receive continuous prompt on the computer to
opt for Single Sign On untill the user accepts it after the encryption of the volumes.
▪ Disable: When this option is selected, the Administrator disables the applied Single Sign
On authentication policy.
Set all the settings and click ADD.
To edit an existing encryption policy, click on the policy name in the list of encryption policies presented on the Company page. The following dialog will appear:
Make any desired changes and click SAVE.
Please contact Seqrite Technical Support for more assistance.