I'm currently testing out EEFF.
I have managed to successfully encrypt a folder, both with and without an automated policy, as well as individual files.
I'm have currently experienced the following behaviour.
If I encrypt a file and move it, it stays encrypted. This is correct
If I encrypt a folder and move it, it stays encrypted. This is also correct
If I encrypt a folder and add a file, it encrypts. This is correct
If I encrypted a folder and remove a file, it decrypts. While this makes sense, it is not the desired behaviour for ourselves, and I can't imagine we're alone here.
Is there a way to make it so that removing a file from an encrypted folder leaves it encrypted?
Are you moving the file on the same machine ?
Do you have decryption policy assigned on the target location ?
Generally, When you move any encrypted files to the different location, it will not decrypt those files, it remains protected.
I don't have a decryption policy, set, and I'm trying to copy it from a network share which is encrypted.
I have tested, and when I do it on the same machine, the file does in fact stay encrypted, but the machine which I'm doing the file moving on has the correct keys, and is actually the machine which did the encryption.
We need a little more information on your setup and exactly what you are doing - "remove a file" doesn't really make sense.
also be aware that if you install EEFF on a file server - that's not supported and can result in lots of unobvious (but predictable) behaviour - EEFF should only be installed on endpoints themselves.
do you have network encryption enabled in your policy though? That would be the most obvious cause of problems.
|Explorer Integration:|| |
Those are my general settings and network settings. EEFF is installed on my client Machine, the folder is located on a file server but is being encrypted by the client machine and all tests are being run from the same client machine
Steps I am taking to recreate this issue
1. Encrypt a folder on the File Server from the client machine. This is done with a key which is assigned to a machine.
2. Drag a file from this folder onto the local machine. This file then copied to a non-encrypted version.
3. Copy the whole folder to the local machine. This folder then remains encrypted.
4. Copy a file out of the local folder copy. This file then remains encrypted.
Step 2 seems incorrect to me, but I can't see what I've done wrong to cause it. I can list additional policies as well if needed.
check for hidden files in the folder on your client machine for a .cekey file - it's likely there's a policy set to decrypt files placed there.
This file exists in the source, but not in the destination.
As an interesting aside, if I copy the entire folder, it remains encrypted, and if I then copy files out it remains encrypted. The issue appears to be with copying individual files across volumes