I'm just testing the implementation of "Endpoint Encryption 1.1.1" and "Endpoint Encryption for files and folders 4.0.0" on our EPO 4.6 environment. Everything is working well. But I have one question regarding recovery possibilities. To recover encrypted HDDs (encrypted by EE 1.1.1) I tested the EETech tool. This tool is also working well to get access on EE 1.1.1 encrypted HDD.
But how can I get access on (additional) encryptet files and folders that are (additional) encrypted by "Endpoint Encryption for files and folders 4.0.0"? I've started my EE protected system using the BartPE boot CD. After authentication using the EETech toll and the furter exported machine.XML file I have access to the HDD files and folders. But all files and folders that are additional encrypted by "Endpoint Encryption for files and folders 4.0.0" are unreadable.
How can I get access to files and folders that are encrypted by "Endpoint Encryption for files and folders 4.0.0" without booting the current installed OS? There should be a possibility to copy and restore this encrypted files and folders if the OS have crashed. Is there also a recovery tool (loke EETech) for restoring this encrypted files? I've also exported the "Endpoint Encryption for files and folders 4.0.0" encryption key as a .BIN file. But how to use this for an offline encryption?
Thanks for help.
Best regards and greetings from Germany
JanniNachricht geändert durch EPO-Janni on 13.10.11 16:51:26 MESZ
Solved! Go to Solution.
not really a good one but:
After removing Endpoint Encryption copy those Files to an other System with EEFF and use "allow explicit decrypting" on that one (policyname: "general/generic"). Assign the specific encryption Key to the new machine and there after you should be able to decrypt all those files after moving them off the encryptet media (right click on these files: McAffee Endpoint Encryption->Decrypt).
Not a good one, not the answer you really wanted but nevertheless a Workaorund.
Any further advice in recovering not only a crashed EEPC-System but EEF-Files would be appreciated.
thanks for information. I will also check this possibilities next week. We will have a McAfee workshop.
Eeff is not machine specific, so you can just copy the data to another machine and decrypt it there (as long as you have rights to the key etc)
If you allowed users to encrypt files without using a central recovery key, the data will of course be lost if their machine dies. That's why central recovery keys are so important.
thanks for information. Yes that's one possibility to restore this data. But I searched for another possibility to get access to encrypted data using a kind of recovery tool like the EETech tool. Is there such a (offline) tool available to restore data using the exportet .BIN key?