We use McAfee DLP for endpoint security of USB ports.
We also use MEEPC on our laptops. We have a policy that users with removable media used for backups can attached their drives to their laptops, map the drive to Z, and MEEPC will encrypt using DE. This works fine as it binds the USB drive to that one laptop. We then add the serial # of that drive to DLP which allows them to write to it.
I have a few questions on this...
Q 1. Does anyone know if DLP is MEEPC aware? Meaning, DLP doesnt seem to block windows from Formatting the drive or block MEEPC from encrypting the drive (which is basically writing)
Once the drive is encrypted with DE, it is locked to that machine. In a recovery scenario, we boot using a wintech cd with the usb drive connected, after authentication & authorization, we mount the USB drive and copy user's backup files to a network location, etc. When the user gets a new laptop or previous laptop is rebuilt, the USB drive needs to be reformatted and re-encrypted by MEEPC, however this fails as DE reports that the drive is already encrypted, even after reformatting.
Q 2. How do we remove previous SB sectors fro the USB drive?