This option was formerly known as EERM (Endpoint Encryption for Removable Media).This allows end users to encrypt USB devices, and also be able to read these encrypted devices on machines without having to install the McAfee Encryption software. This is a “container based” encryption approach.The secure container which contains the data can be unlocked either using a password or a certificate.
There is an initial provisioning step where the container needs to be created. The screenshot below shows the UI for the device provisioning.
After the initial provisioning step, there are no additional steps for the end user. All that the end user has to do on inserting an encrypted USB stick is to provide the authentication credentials, and on successful authentication, can "Add" or "Remove" or "Create" files in the secure container area of the device.
This option was formerly known as EERM (Endpoint Encryption for Removable Media). This option is primarily the same as the previous one except the fact that this option ensures that end users cannot copy data to the USB device unless the device is encrypted.
The screenshots below show some of the options that are available with Protection Level Options (2) and (3).
This option was formerly known as “Regular Encryption”. This is a “file based” encryption approach. The Administrator can configure the key with which the files copied to the USB device should be encrypted with. In this case, Encryptionis enforced which will ensure that all files copied to the USB device are automatically encrypted with the configured key.
In this case, the encrypted files can only be read on machines only with the client installed (having the necessary key). The end user does not have to configure anything when this option is selected.
With Protection Level Options (2), (3) or (4), the end user sees a padlock icon (when inserted on the client) on the USB device drive, and also on the files in the device indicating that they are encrypted and are in a protected state.