We are using EEFF 4.2 for USB encryption. McAfee support could not give me a clear idea of how EERM would handle a USB device that already has encryption.
I have run into an issue with a lexar device that I was told had "hardware encryption". It was encrypted and gives me the EERM logon box when inserted however it shows another partition in addition to the Mcafee partition after logon.
I also have an MXI usb device in my logs showing as exempted by device id. However, I did not add it as an exception in my policy. I found that MXI \ Ironkey is now Imation and they have a "partnership" with McAfee.
So where do I get more info on which devices will be exempted by McAfee (if that's the case) and how EERM handles either hardware of OEM encryption of USB drives?
EERM doesn't "handle" it at all - it's enterly separate. EERM creates files on a storage device, and presents these files as a virtual volume you can store other things within - imagine it like a Zip file etc.
so if the underlying storage is hardware encrypted, EERM does not know or really care about such - it can still create its file-based container on top of it.
the exemptions in EERM's configuration are there to make things simpler for users who do have hardware encrypted devices - but as you've found, even though a device supports hardware encryption, it may still have a plain text partition on it which is insecure.