3 Replies Latest reply on Jul 13, 2009 7:30 AM by SafeBoot

    Decrypting USB drives


      I'm using Endpoint Encryption [Manager], and I apologize for my ignorance. I feel like a complete retard right now, but I can't find information on decrypting managed machines. Is there a way to decrypt from the machine itself, or do I need to change the policy and have them synch with the server (or some other method completely)? Also, is there documentation on this somewhere? I looked at the Help files and in the kb and forum, but I wasn't able to find anything that really answered this.

      Specifically, I encrypted our consultant laptops and sent them out to customer sites. I set the policy to Removable Devices - Manually Select. I didn't do my hw, so I didn't really know what that meant - I just assumed it meant I or they would manually select to encrypt a removable drive or not, when they were plugged in (or something like that). Now I have users who plugged in thumb drives; they were encrypted, and now they can't access their data (as it happens, the customer also reformatted the laptops with their own load). If I can figure this out in time, there may still be one left with the McAfee encryption (but not the one that encrypted the USB drive[s]). Is there a way to manually decrypt the USB drive, either from the laptop with McAfee EE still installed, or from some external source? The only way I can think of is possibly if I change the policy on the server to removable devices "never encrypt" and then have them plug in their USB drive and synch the laptop with the management server.

      Please let me know if you need any additional information. Any help is appreciated. Thanks!
        • 1. RE: Decrypting USB drives
          if the machine which encrypted the device has been reimaged, then you'll have to use SafeTech or WinTech to do a decrypt of the stick. If you use EEPC to encrypt sticks, then they can only ever be used on the machine which encrypted them.

          "manually select" meant that you could pick from the list of drive letters which drives to encrypt - the user never had any control over the matter.

          If you still have machine/stick pairs in use, you are right, if you change the policy for that machine it will decrypt the sticks where needed if they are detected during a sync.
          • 2. RE: Decrypting USB drives
            Thanks for the response :)

            Where might I find some documentation on using SafeTech? Is it in the Help section of the encryption manager, or would there be better documentation on the McAfee site somewhere?
            • 3. RE: Decrypting USB drives
              there's a manual in the documents folder on the CD, and installed alongside EEM?