I am trying to figure out a few situations/hurdles in my ePO environment in regards to endpoint encryption:
I am running the following products in production in my current branch:
Endpoint Encryption for PC - 6.2.1
Endpoint Encryption Files and Folders - 4.1.1
I want to be able to do the following things but I am unsure if these products can accomplish this at their current time:
I want to be able to have a Windows backup stored on a removable HDD (via USB) that is encrypted with either Endpoint Encryption or Endpoint Encryption Files and Folders (removable media is configured)
The windows backup needs to be able to be accessible incase of system crash so that a user could perform a system restore from a windows installation disc. There are situations where a user's hard drive may die or windows may become corrupt and it is difficult to repair it because the disk is inaccessible for windows recovery attempts.
On that note -- how can I do a "windows repair" or work with the disk to do common windows repair steps/check disks/etc that is encrypted? Can winPE EEtech do this? If so are there any instructions? I have not been able to find documentation for these particular scenarios.
The reason why i figured Windows backup will not work with Endpoint Encryption for Files and Folders is because of the FAT32 limitation imposed on the removable media.
Any information would be helpful -- as I am trying to have some answers for these disaster recovery situations. I have used EETech standalone before but not EEtech winPE yet.
Unfortunately, not much can be done while the main hard drive is encrypted, with regards to disaster recovery/repair. McAfee usually recommends decrypting the drive before doing any kind of repair. We have used a BartPE disc with the EETech plugin successfully to run a chkdsk /R on a machine that would not boot to Windows, and/or to recover data from a machine that would not boot.
Refer to page 7 of the McAfee EETech user guide for instructions for creating/using a BartPE disc. https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/23000/PD23751/en_US/...
As for having a Windows backup on an external drive, encrypted, I'm not sure how that would be possible, since it would be impossible for the Windows Recovery program to read the drive if it is encrypted.