McAfee Endpoint Encryption
(formerly SafeBoot Device Encryption)
McAfee Endpoint Encryption
(formerly SafeBoot Device Encryption)
As part of Kent State's continued efforts to secure sensitive data, Information Services has procured data encryption software for use on all university-owned, Windows-based laptop and desktop computers. The new software is called McAfee Endpoint Encryption, and it provides full-disk encryption that protects data stored on your computer regardless of which directory it is saved to on your hard drive. McAfee Endpoint Encryption will protect the data in the event that your computer is stolen; however, it does not protect data sent via e-mail or saved to external media, such as CDROMs or USB drives.
McAfee Endpoint Encryption is not a substitute for following safe computing practices:
Remember
- Do
- Continue to lock or logout of your workstation anytime you walk away
- Remove sensitive data that is no longer needed from your computer
- Change your password at least twice a year
- Don't
- Open e-mails or attachments you weren't expecting
- Disable anti-virus, firewall or Windows update software
- Share your password with anyone (even the Helpdesk)
Things to avoid / that will damage the McAfee Endpoint Encryption pre-boot OS environment and system MBR.
- Improper shutdown during the initial encryption process.
- Repartitioning your disk drive.
- Running 3rd party disk defragmentation utilities that ignore the “unmovable” file flag.
A1. Call the Helpdesk to have a one-time recovery code generated.
Note: You will need to have access to the computer in question.
A2. Try to login to McAfee Endpoint Encryption using your previous password; if this does not work, call the Helpdesk to have a one-time recovery code generated. (See Q1).
A4. Full-time / part-time faculty / staff and student employee’s using University purchased PCs that are running Windows XP or Vista
A5. FileVault is the recommended solution for encrypting files on computers running OS X (10.4 and 10.5)
A6. We currently have a license to handle 10250 users and 2050 machines; each install of McAfee Endpoint Encryption automatically deducts one machine from our license when it checks into the server for the first time. The user count is also automatically deducted when we import users from active directory.
A7. Yes, the installer does include Altiris; however you can uncheck it during the installation to only install McAfee Endpoint Encryption.
A8. McAfee Endpoint Encryption will install a pre-boot (pre-Windows) login, required to unlock the hard drive. The user will be prompted to login to the pre-boot screen anytime he/she reboots his/her PC (the login information is simply the user’s FlashWord userID and password).
A9. McAfee Endpoint Encryption will only encrypt internal hard drives per the system it is installed on.
A10. McAfee Endpoint Encryption is transparent to the Windows operating system. The only component that runs in Windows is the driver and agent, which is used to synchronize new users, passwords, encryption policies and audit information.
A11. Formatting or re-imaging a system with a fresh ghost image will effectively remove any trace of McAfee Endpoint Encryption and the encrypted data that was on the drive.
If you need immediate assistance with a McAfee Endpoint Encryption related issues, please call the University Helpdesk
This page is maintained by:
End User Support Services and Security and Compliance