PGP Desktop Whole Disk Encryption

Symantec helps consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored.

Symantec Pgp Whole Disk Encryption

To remove Symantec (formerly called PGP) Encryption Desktop for Windows from your computer, you'll first need to decrypt the encrypted volumes, and then you can uninstall the software.

Decrypt a volume

To decrypt your encrypted volumes:

  1. Open Symantec/PGP Encryption Desktop from the Start menu or system tray. You'll see the Symantec Encryption Desktop home screen:
  2. In the column on the left, under 'PGP Disk', click Encrypt Disk.
  3. In the center column, select the encrypted volume(s) that you want to decrypt.
  4. If you do not need the system to perform other work while it decrypts your volumes, you can check Maximum CPU Usage in the column on the right to shorten the time it takes to decrypt. If you need the system to do other things while it decrypts, leave the box unchecked.
  5. At the upper right, click Decrypt.
  6. When prompted, enter your PGP passphrase.
  1. PGP Whole Disk Encryption Recovery Disk Image(s) - PGP Desktop for Windows 9.0 - 9.7. While the chances are extremely low that a master boot record could become corrupt on a boot disk or partition protected by PGP Whole Disk Encryption, it is possible.
  2. Open Symantec Encryption Desktop by going to Start Programs Symantec Symantec Encryption Desktop. Click PGP Disk on the left. Click Encrypt Whole Disk or Partition on the right. If you are not planning to use the computer during the encryption process, check the box next to Maximum CPU Usage. This will speed up the process at the cost of.

Uninstall Symantec/PGP Encryption Desktop

Symantec encryption desktop whole disk encryption

Pgp Desktop Whole Disk Encryption Mac

If you attempt to uninstall Symantec/PGP Encryption Desktop before you decrypt your encrypted volumes, you'll see the following error message:

You can not uninstall Symantec Encryption Desktop when drives are still encrypted. Installation terminated.

To decrypt your volumes, follow the instructions above.

Once you've decrypted all of your encrypted volumes, to uninstall Symantec/PGP Encryption Desktop:

  1. Open the Start menu, and enter the first few letters of the program name in the search box (e.g., sym, or pgp for older editions).
  2. From the list that appears, select Uninstall Symantec Encryption Desktop.
  3. When prompted, click Yes to confirm that you want to uninstall the program.
  4. If you see a 'User Account Control' prompt, approve it.
  5. A pop-under notification (i.e., a window that appears behind other windows) called 'PGP Global Directory Unenrollment' will open; locate it and click OK.
  6. When prompted, click Yes to restart your computer.
  7. After your computer restarts, the Symantec/PGP Encryption Desktop bootguard screen should be gone, and you should be able to log into your computer normally.
  • Install PGP
  • Use PGP for encryption

Pgp Desktop Whole Disk Encryption File

Install PGP

To encrypt your Windows computer with PGP Whole Disk Encryption (WDE), you'll first install Symantec Endpoint Encryption (PGP), and then use PGP to encrypt the drive.

You must complete the two steps below; your computer is not fully protected until you finish the encryption process.

Pre-installation notes

  • Previously installed PGP software: If you are using a version of PGP that was not distributed from IUware, some features you currently use may be disabled after installing the IU licensed PGP software. Consult with your IT Pro before installing. Details about upgrading from older versions are documented in the PGPDesktop user guide and distributed in the IUware disk image.
  • Supported operating systems:
    • Windows 10 (32- and 64-bit editions)
      The above operating systems are supported only when using PGP 10.3.2 MP10 and later.
    • Windows 8.x Pro and Enterprise (32- and 64-bit editions)
      The above operating systems are supported only when using PGP 10.3.1 and later.
    • Windows Server 2012 and Windows Server 2012 R2 (64-bit edition)
    • Windows Server 2008 (32- and 64-bit editions, including Service Pack 1 and 2)

    PGP WDE supports internal system RAID-1 and RAID-5.

Install Symantec Endpoint Encryption (PGP) on Windows

  1. Download Symantec Endpoint Encryption (PGP) from IUware. Be sure to download the correct version for your system.
  2. Double-click the installation executable file.
  3. At the Security Warning, click Run.
  4. Click I accept the license agreement. Click Next, and then click Next again.
  5. Allow the UAC to install the software. Wait while the system updates; this may take a few minutes.
  6. Restart your computer.
  7. After login, you will be prompted for PGP Enrollment.
  8. Your username should be automatically filled in. Enter your ADSpassphrase, and then enter another passphrase. You should now be enrolled.

To open Endpoint Encryption, click the icon in the notification area.

Use PGP for encryption

Encrypt an entire disk

It takes approximately four hours to encrypt a 250 GB drive, and another four hours to decrypt it.

To encrypt an entire disk:

  1. Open Endpoint Encryption.
  2. In the left column, select PGP Disk.
  3. Select Encrypt Whole Disk or Partition. Choose the disk and partition you want to encrypt.
  4. Select New Passphrase User.
  5. Follow the steps to add an ADS user. Since Use Windows logon is the only option for boot partitions, your passphrase must match the ADS passphrase.
  6. Select Encrypt.

Once you've encrypted the disk and rebooted, an Endpoint Encryption login will appear just after the BIOS loads (PC), and before the operating system can load. The person(s) listed in the User Access field will then be able to log in. The passphrase will serve as a single sign-on and will also authenticate to ADS.

PGP Desktop Whole Disk Encryption

Encrypt a partition or flash drive

Symantec Encryption Desktop Whole Disk Encryption

Encrypting a flash drive or partition involves the same steps as encrypting the entire disk, with the exception of the step where the user is added. Specifically, the username and passphrase do not have to match ADS.

After inserting a flash drive into a PC running PGP WDE Desktop, you will be prompted to enter the PGP passphrase to access the disk. Inserting a flash drive into a PC that is not using Endpoint Encryption will produce a message indicating the drive needs to be formatted before use.

The University Information Policy Office can issue you a recovery token for a forgotten passphrase for a disk or file.

Create and open PGP zip files

To create a PGP zip file:

Whole
  1. Open Endpoint Encryption.
  2. In the left column, select PGP Zip and then new PGPZip.
  3. Choose from the following options, and follow the resulting instructions.
    • Recipient keys: Allows only IU ADS keys to be added (most secure option, and requires PGP WDE to decrypt).
    • Passphrase: Allows for the creation of a unique passphrase (PGP WDE needed to decrypt).
    • PGP Self-Decrypting Archive: PGP WDE is not needed.
    • Sign only

Pgp Whole Disk Encryption Bypass

To open a PGP encrypted file, from the left column, select OpenPGP Zip and follow the instructions.

Pgp Desktop Whole Disk Encryption System

Shredd free space

  1. Open Endpoint Encryption.
  2. In the left column, select PGP Disk.
  3. Select Shred Free Space, and click Next.
  4. From the drop-down menu, select the drive where you wish to shred free space.
  5. Select the number of passes, and click Begin Shred.

PGP shredder is available to all three security groups. A PGP Shredder will also be placed on your desktop; this will act like the recover bin, except that it will shred anything dropped into it.

Comments are closed.