We are about to start rolling out EEFF 3.2.2 with only the EERM portion enabled. We have run across several issues in testing that seem to be major annoyances in the product. I would like to know from folks that have deployed EERM how they have dealt with these issues.
1) We are encrypting the entire removable device. Therefore, existing data must be copied to local hard drive before encryption is implemented on the removable device. This brings up the issue of having to deal with local drives that do not have enough free space to temporarily store the existing data from the removable device. Unfortunately, EERM does not perform a "pre-check" and just plows ahead at copying data until the local drive runs out of space. At that point the user can run "disk cleanup wizard" or cancel. Depending on the size of existing data on the removable device and the amount of local free space, this may take a long time before running out of local free space and then having to backout of the process. Any suggestions?
2) One of the EERM options is the "Exclude Devices Larger Than..." option. Also, there is a "Make unprotected files and folders Read-Only" option. We definitely want to use both these options, unfortunately this means that any devices that are larger than our size in option 1 will become Read-Only. These devices are more than likely going to be very large external drives that are part of legitimate work-flows, and thus we really do not want them to become read-only. Our idea so far is that we are just going to have to try and identify these large devices up-front and make a separate policy for those machines. Again, any suggestions would be helpful.
3) Just some other annoying aspects of EERM are: Inability to change the password complexity requirements for EERM and inability to customize the rather odd wording of the different dialog boxes that pop-up during initialization of devices.
Thanks in advance for any help!