I have changed to the Boot Disk Only. I had it set for all disks and it was encrypting external drives as well so limited the usage of eternal devices. As for as I'm aware when encrypting Boot Disk Only it does the full disk.
"Boot disk only" will *only* encrypt the Windows partition. All other partitions on the boot disk, and all secondary disks will remain unprotected.
EEPC 6.2 gives you the capability of specifying per-partition encryption....you could use this to determine which partitions to encrypt and which to leave unprotected.
The issue with external eSata drives is that there is no way to reliably tell whether a drive is an eSata drive or an internal drive (it's just a different connector, after all).
jmushet, thank you.
When you mentioned "it was encrypting external drives", are they USB drives and the flash drives included? I haven't set up All disks option yet to avoid this issue.The lack of equipment to test it with delays testing & deployment. However, I found a tablet with two paritions- C; and D:. Currently, it is encrypted with EEPC 5.2.4. After upgrading to 6.2 the C: partition encrypted okay, but the D: partition started decrypting. I guess a another policy will have to be created to manage it.
Message was edited by: Integer10 on 9/16/12 12:45:29 PM CDT
dwebb, Thank you.
You are right, the second partition, D: started decryption after upgrading from 5.2.4
I am new to ePO, are you referring to the policy with "Boot manager" option for enabling\disabling partitions --to encrypt? Can you provide a basic usage of the option?
Since we use USB HD, for disaster recovery, backup, etc., isn't using the All disks option a risk when attaching the external drives and when they are also in use?
No, there is no risk with USB drives, as they are always "external" - There's no such thing as an "internal" usb drive.
the problem lies with eSATA - often the OS cannot make a determination if an eSATA drive is external or not, so it presents itself as a non-removable SATA internal disk.
Thus. EEPC will encrypt it.
If the drive, driver, and OS all work properly, eSATA drives show up as removable disks - then EEPC won't encrypt them.