Endpoint Encryption for Files and Folders 4.0 User Guide - McAfee
Endpoint Encryption for Files and Folders 4.0 User Guide - McAfee
Endpoint Encryption for Files and Folders 4.0 User Guide - McAfee
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong><br />
<strong>4.0</strong>.0<br />
<strong>User</strong> <strong>Guide</strong>
COPYRIGHT<br />
Copyright © 2011 <strong>McAfee</strong>, Inc. All Rights Reserved.<br />
No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any <strong>for</strong>m<br />
or by any means without the written permission of <strong>McAfee</strong>, Inc., or its suppliers or affiliate companies.<br />
TRADEMARK ATTRIBUTIONS<br />
AVERT, EPO, EPOLICY ORCHESTRATOR, FOUNDSTONE, GROUPSHIELD, INTRUSHIELD, LINUXSHIELD, MAX (MCAFEE SECURITYALLIANCE<br />
EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS, SECURITYALLIANCE, SITEADVISOR, TOTAL PROTECTION, VIRUSSCAN,<br />
WEBSHIELD are registered trademarks or trademarks of <strong>McAfee</strong>, Inc. <strong>and</strong>/or its affiliates in the US <strong>and</strong>/or other countries. <strong>McAfee</strong> Red in<br />
connection with security is distinctive of <strong>McAfee</strong> br<strong>and</strong> products. All other registered <strong>and</strong> unregistered trademarks herein are the sole property<br />
of their respective owners.<br />
LICENSE INFORMATION<br />
License Agreement<br />
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED,<br />
WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH<br />
TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS<br />
THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET,<br />
A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU<br />
DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN<br />
THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.<br />
2<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong>
Contents<br />
Introducing <strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong>. . . . . . . . . . . . . . . . . . . . . . . 4<br />
Why EEFF?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4<br />
How EEFF <strong>4.0</strong> works. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4<br />
EEFF Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5<br />
System requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5<br />
About this guide. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6<br />
Using the Context menu. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7<br />
Encrypting a file or a folder. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7<br />
Decrypting a file or a folder. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8<br />
Searching <strong>for</strong> encrypted files or folders. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8<br />
Creating a Self-Extractor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8<br />
Reading a Self-Extractor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9<br />
Attaching a file or a folder as Self-Extractor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9<br />
Attaching an encrypted file. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9<br />
Launching <strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> Console. . . . . . . . . . . . . 11<br />
Managing <strong>User</strong> Local keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12<br />
Creating a <strong>User</strong> Local key. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12<br />
Deleting a <strong>User</strong> Local key. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13<br />
Renaming a <strong>User</strong> Local key. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13<br />
Exporting <strong>User</strong> Local keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14<br />
Importing <strong>User</strong> Local keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14<br />
Recovering <strong>User</strong> Local keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15<br />
Changing <strong>User</strong> Local key authentication method. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15<br />
Managing <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> Removable Media. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17<br />
Initializing a Removable Media. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17<br />
Recovering a Removable Media. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18<br />
Changing EERM authentication method. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong><br />
3
Introducing <strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong><br />
<strong>Files</strong> <strong>and</strong> <strong>Folders</strong><br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> (EEFF) offers data protection in the <strong>for</strong>m of<br />
powerful encryption technology so that only authorized users can access in<strong>for</strong>mation.<br />
Contents<br />
Why EEFF?<br />
How EEFF <strong>4.0</strong> works<br />
EEFF Features<br />
System requirements<br />
About this guide<br />
Why EEFF?<br />
EEFF offers enhanced security to protect your data. EEFF depends on Microsoft Windows user<br />
accounts <strong>and</strong> works in real-time to authenticate user to access encryption keys <strong>and</strong> to retrieve<br />
the correct policy in EEFF. A smart card implementation based on Windows logon can be used<br />
<strong>for</strong> enhanced security.<br />
<strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> allows you to define <strong>and</strong> protect in<strong>for</strong>mation in a way<br />
that only certain users can access it. This data is stored, managed, archived, <strong>and</strong> distributed<br />
as any other file is, however, it can be viewed only by those who have been granted access.<br />
<strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> is a Persistent <strong>Encryption</strong> engine: when a file has<br />
been encrypted <strong>and</strong> has been moved or copied to another place, it remains encrypted. If a file<br />
is moved out of an encrypted directory, it will also remain encrypted. Likewise, if an encrypted<br />
file is moved to a memory stick – the encryption will remain in place.<br />
EEFF integrates with <strong>McAfee</strong> ePolicy Orchestrator (ePO), which provides a single point of control<br />
over all the data on the systems. EEFF with ePO supports both user-based <strong>and</strong> system-based<br />
policies. Assigning these policies to users encrypts the data on the client as configured.<br />
EEFF depends on Microsoft Windows credentials there<strong>for</strong>e, both registered domain users <strong>and</strong><br />
local system users can be assented encryption policies <strong>and</strong> associated keys.<br />
How EEFF <strong>4.0</strong> works<br />
EEFF encrypts folders <strong>and</strong> files according to policies assigned to the user. These policies are<br />
en<strong>for</strong>ced by the ePO server.<br />
4<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong>
Introducing <strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong><br />
EEFF Features<br />
The client software is installed on the client system. After the installation, the system synchronizes<br />
with the ePO server <strong>and</strong> acquires the user data. EEFF then assigns encryption policies <strong>and</strong> keys<br />
to the user as configured.<br />
EEFF client acts like a filter between the application creating or editing the files <strong>and</strong> the storage<br />
media. When a file is saved, EEFF filter executes the assigned encryption policies <strong>and</strong> encrypts<br />
the data, if applicable. If the user manages to kill the main EEFF process on the client system,<br />
EEFF encrypts folders <strong>and</strong> files according to policies assigned to the user. These policies are<br />
en<strong>for</strong>ced by the ePO server.<br />
The client software is installed on the client system. After the installation, the system synchronizes<br />
with the ePO server <strong>and</strong> acquires the user data. EEFF then assigns encryption policies <strong>and</strong> keys<br />
to the user as configured.<br />
The EEFF client acts like a filter between the application creating or editing the files <strong>and</strong> the<br />
storage media. When a file is saved, the EEFF filter executes the assigned encryption policies<br />
<strong>and</strong> encrypts the data, if applicable. If the user manages to kill the main EEFF process<br />
(MfeffCore.exe) on the client system, attempting to deviate from the assigned encryption policy,<br />
the process will be automatically regenerated. The automatic restart cannot be disabled.<br />
When a file that is encrypted with key A is moved to a folder where files are encrypted with<br />
key B, the file encrypted with key A will immediately be re-encrypted with key B. This behavior<br />
is known as follow-target-encryption <strong>and</strong> requires that the user or process transferring the file<br />
has access to both key A <strong>and</strong> key B. This operation takes place instantly when the file is placed<br />
in the folder encrypted with key B.<br />
EEFF Features<br />
• Centralized management — Provides support <strong>for</strong> deploying <strong>and</strong> managing <strong>McAfee</strong> <strong>Endpoint</strong><br />
<strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> using ePO 4.5 <strong>and</strong> 4.6.<br />
• Windows authentication based policy en<strong>for</strong>cement — Assigns encryption policies <strong>and</strong><br />
keys to Windows user accounts.<br />
• Integration with the <strong>McAfee</strong> Tray icon - Consolidates the tray icons to one common<br />
<strong>McAfee</strong> icon.<br />
• <strong>User</strong> Personal Keys - Allow users to have individual keys, generated centrally <strong>and</strong> possible<br />
to assign in policies <strong>for</strong> encryption.<br />
• Protect data on Removable media — Provides support <strong>for</strong> removable media encryption.<br />
• Migration from EEFF v3.x to EEFF v4 - Provides support <strong>for</strong> migrating keys from EEFF<br />
v3.x to EEFF v4 by importing them into ePO.<br />
• File Extension exclusion - Excludes the listed file types from encryption. For example,<br />
MP3 <strong>and</strong> WAV files.<br />
System requirements<br />
System requirements<br />
Systems<br />
ePO Server Systems<br />
Requirements<br />
See <strong>McAfee</strong> ePolicy Orchestrator 4.5 <strong>and</strong> 4.6 - Installation <strong>Guide</strong><br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong><br />
5
Introducing <strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong><br />
About this guide<br />
Software requirements<br />
Software (or package name)<br />
Requirements<br />
<strong>McAfee</strong> management software • ePO 4.5 (minimum patch 4) <strong>and</strong> 4.6<br />
• <strong>McAfee</strong> Agent <strong>for</strong> Windows 4.5 (minimum Patch 2) <strong>and</strong> 4.6<br />
<strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> • EEFF Extension<br />
• EEFF_<strong>4.0</strong>.0_xxx.ZIP<br />
• help_eeff_400.ZIP<br />
• MfeEEFF_Client_<strong>4.0</strong>.0.x.ZIP<br />
Microsoft “Windows Installer 3.0<br />
Redistributable” package ( <strong>for</strong> ePO)<br />
Microsoft “.NET Framework 2.0<br />
Redistributable” package ( <strong>for</strong> ePO)<br />
Microsoft MSXML 6 ( <strong>for</strong> ePO)<br />
See <strong>McAfee</strong> ePolicy Orchestrator 4.5 <strong>and</strong> 4.6 - Installation <strong>Guide</strong><br />
See <strong>McAfee</strong> ePolicy Orchestrator 4.5 <strong>and</strong> 4.6 - Installation <strong>Guide</strong><br />
See <strong>McAfee</strong> ePolicy Orchestrator 4.5 <strong>and</strong> 4.6 - Installation <strong>Guide</strong><br />
Operating system requirements<br />
Systems<br />
ePO Server Systems<br />
Software<br />
See <strong>McAfee</strong> ePolicy Orchestrator 4.5 <strong>and</strong> 4.6 - Installation <strong>Guide</strong><br />
Client Systems • Microsoft Windows Vista (32-bit) SP 2<br />
• Microsoft Windows XP (32-bit) SP 3<br />
• Microsoft Windows 7 (32-bit <strong>and</strong> 64-bit) SP 0 <strong>and</strong> SP 1<br />
About this guide<br />
This guide provides in<strong>for</strong>mation on detailed instructions <strong>for</strong> managing the <strong>McAfee</strong> <strong>Endpoint</strong><br />
<strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> <strong>4.0</strong> client.<br />
Target audience<br />
This guide is mainly intended <strong>for</strong> <strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> users.<br />
6<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong>
Using the Context menu<br />
The options available when you right-click a file or a folder are referred as context menu options.<br />
The context menu options <strong>for</strong> files <strong>and</strong> folders are identical <strong>and</strong> are explained in general. The<br />
context menu options are subjected to policy control <strong>and</strong> can be made unavailable to you by<br />
the administrator. When you right-click a file or a folder the <strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> submenu<br />
with the options the administrator has enabled <strong>for</strong> you appears.<br />
Tasks<br />
Encrypting a file or a folder<br />
Decrypting a file or a folder<br />
Searching <strong>for</strong> encrypted files or folders<br />
Creating a Self-Extractor<br />
Attaching a file or a folder as Self-Extractor<br />
Attaching an encrypted file<br />
Encrypting a file or a folder<br />
The Encrypt option on the context menu allows you to manually encrypt a file or a folder. This<br />
option is unavailable to the users if the file or the folder has been encrypted by policy.<br />
Be<strong>for</strong>e you begin<br />
Ensure that the file you want to encrypt is not being used by any application.<br />
Task<br />
1 Right click on the file or the folder to be encrypted, then select <strong>McAfee</strong> <strong>Endpoint</strong><br />
<strong>Encryption</strong> | Encrypt. The Select key dialog box appears.<br />
2 Select the key with which you want to encrypt the file, then click OK.<br />
NOTE: Click Details to view additional in<strong>for</strong>mation about the selected key.<br />
Depending on the policy settings, a padlock appears on the file indicating that the file is encrypted<br />
with the selected key.<br />
Alternatively, right click on the file or the folder to be encrypted, then select Properties. On<br />
the <strong>Encryption</strong> tab select the key with which you want to encrypt then click Apply.<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong><br />
7
Using the Context menu<br />
Decrypting a file or a folder<br />
Decrypting a file or a folder<br />
The Decrypt option on the context menu allows you to manually decrypt a file or folder. This<br />
option is unavailable to the users if the folder has been encrypted by policy.<br />
Be<strong>for</strong>e you begin<br />
Ensure that the file you want to decrypt is not being used by any application.<br />
To decrypt a file or a folder, right click on the file or the folder then select <strong>McAfee</strong> <strong>Endpoint</strong><br />
<strong>Encryption</strong> | Decrypt.<br />
NOTE: For both file decryption <strong>and</strong> folder decryption you might require authentication if the<br />
encryption key needed <strong>for</strong> the decryption is not available.<br />
Alternatively, right click on the file or the folder to be encrypted, then select Properties. On<br />
the <strong>Encryption</strong> tab select as Key name, then click Apply.<br />
Searching <strong>for</strong> encrypted files or folders<br />
Use this task to search <strong>for</strong> encrypted files <strong>and</strong> folders in the specified location. This option is<br />
available only when you right click on a folder.<br />
Task<br />
1 Right click on the folder, then select <strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> | Search encrypted....<br />
The Search: encrypted files <strong>and</strong> folders dialog box appears.<br />
2 Select if you want to search <strong>for</strong> files <strong>and</strong>/or folders <strong>and</strong> the key with which the files or<br />
folders are encrypted.<br />
3 Browse to specify the folder path <strong>and</strong> select Include sub-folders to search <strong>for</strong> encrypted<br />
files or folders in sub-folders.<br />
4 Click Search. As the search progresses, matching objects found will be displayed in a list.<br />
After the search is complete, right click the objects found then per<strong>for</strong>m any action on them<br />
Creating a Self-Extractor<br />
Self-Extractors are password-encrypted executable files that can also be decrypted on non-EEFF<br />
client systems. The password used to create the Self-Extractor is required to read it.<br />
You can change the name of the Self-Extractor. By default, it is named as its source file/folder<br />
with the *.exe extension.<br />
Task<br />
1 Right click on the file or the folder <strong>for</strong> which you want to create a self-extractor, then select<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> | Create Self-Extractor (.exe). The<br />
Package <strong>and</strong> encrypt dialog box appears.<br />
2 Type the password with which you want to encrypt the self-extractor, then click OK.<br />
NOTE:<br />
8<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong>
Using the Context menu<br />
Attaching a file or a folder as Self-Extractor<br />
• The source file/folder will remain intact on disk, only a copy of the file/folder is converted<br />
into a Self-Extractor.<br />
• You can also specify where to save the Self-Extractor. The default location is the same<br />
as the location of the source file/folder.<br />
Reading a Self-Extractor<br />
Double-click the Self-Extractor <strong>and</strong> provide the password used to create the file. The creator<br />
of this file must share the password to the recipient of the file in a secure manner.<br />
By default, after typing the correct password the content of the Self-Extractor will open up<br />
automatically in the associated application. However, the content will not be automatically saved<br />
to disk. When the user closes the application that opened up the unpacked Self-Extractor<br />
content, the unpacked content will be wiped from the disk.<br />
To save the Self-Extractor content to disk, click Advanced, then select Extract <strong>and</strong> specify<br />
the location.<br />
Self-Extractors can be read on any client system running Windows 2000 <strong>and</strong> later. Self-Extractors<br />
can also be read on a non-EEFF client <strong>and</strong> requires rights to run an executable file.<br />
Attaching a file or a folder as Self-Extractor<br />
Use this task to attach a file or a folder as Self-Extractor to an email. The self-extractor is<br />
packaged into a *.cab file which can be attached with an email. Any email program can be used<br />
<strong>for</strong> attaching a file or a folder as Self-Extractor.<br />
The emails sent with a *.cab Self-Extractor attachment might be blocked by the recipients<br />
anti-virus program.<br />
Task<br />
1 Right click on the file or the folder which you want to create a self-extractor, then select<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> | Attach Self-Extractor to E-mail. The Package <strong>and</strong><br />
encrypt dialog box appears.<br />
2 Type the password with which you want to encrypt the self-extractor, then click OK.<br />
The source file/folder will remain intact on disk, only a copy of the file/folder is converted<br />
into a Self-Extractor <strong>and</strong> attached to an email.<br />
Attaching an encrypted file<br />
Use this task to send a file (plaintext or encrypted) in a protected way. The recipient must have<br />
EEFF <strong>4.0</strong> installed <strong>and</strong> also have access to the encryption key.<br />
NOTE: If you attach an encrypted file to an email without using Attach encrypted to E-mail...,<br />
the file will be attached as plaintext even if the file is encrypted on disk. The source file will<br />
still be encrypted, but the copy attached with the email will be in plaintext <strong>and</strong> the recipient<br />
will receive it in plaintext.<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong><br />
9
Using the Context menu<br />
Attaching an encrypted file<br />
Task<br />
1 Right click on the file, then select <strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> | Attach encrypted<br />
to E-mail. The Select protection keys dialog box appears.<br />
2 Select the key with which you want to encrypt the file, then click OK. A *.sba file is attached<br />
to the email.<br />
10<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong>
Launching <strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong><br />
<strong>and</strong> <strong>Folders</strong> Console<br />
Click the <strong>McAfee</strong> menulet on your status bar, then click Manage Features | <strong>Endpoint</strong><br />
<strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong>.<br />
From the left pane of the console, you view status report, create <strong>and</strong> manage <strong>User</strong> Local keys,<br />
<strong>and</strong> initialize, recover, <strong>and</strong> change authentication method <strong>for</strong> Removable Media.<br />
Status Report<br />
Status Report is the default screen that appears when you launch <strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong><br />
<strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> console.<br />
EEFF client Status Report displays the following:<br />
• Operating System running on the client system<br />
• EEFF installation files<br />
• <strong>Encryption</strong> keys available to the user or the system<br />
• General policies en<strong>for</strong>ced on the system or the user<br />
• Folder policies en<strong>for</strong>ced on the system or the user<br />
• File extension policies en<strong>for</strong>ced on the system or the user<br />
• List of exempted devices<br />
• List of blocked processes<br />
• List of file extensions excluded from encryption<br />
• List of excluded keys<br />
On the right pane of the console, click Write to File to export the status report to an xml file.<br />
Local Keys<br />
The <strong>User</strong> Local keys creation <strong>and</strong> management option available on the console is subject to<br />
policy control <strong>and</strong> can be made unavailable to you by the administrator.<br />
Refer to the Managing <strong>User</strong> Local Keys chapter <strong>for</strong> more details.<br />
Removable Media<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> Removable Media (EERM) is a software solution that encrypts<br />
removable devices to protect data stored in the device. The option available on the console is<br />
subject to policy control <strong>and</strong> can be made unavailable to you by the administrator.<br />
Refer to the Managing <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> Removable Media chapter <strong>for</strong> more details.<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong><br />
11
Managing <strong>User</strong> Local keys<br />
The keys created by users on the client system are referred to as <strong>User</strong> Local keys. The <strong>User</strong><br />
Local keys creation <strong>and</strong> management is subject to policy control <strong>and</strong> can be made unavailable<br />
to you by the administrator. <strong>User</strong> Local keys are individual to the user <strong>and</strong> the system on which<br />
they are created.<br />
Contents<br />
Creating a <strong>User</strong> Local key<br />
Deleting a <strong>User</strong> Local key<br />
Renaming a <strong>User</strong> Local key<br />
Exporting <strong>User</strong> Local keys<br />
Importing <strong>User</strong> Local keys<br />
Recovering <strong>User</strong> Local keys<br />
Changing <strong>User</strong> Local key authentication method<br />
Creating a <strong>User</strong> Local key<br />
The encryption keys are stored in Key Stores. Each Key Store is protected with either a password<br />
that you select (password token), or with your digital certificate (PKI token). You will select the<br />
proper token when you create the key store. Your Key Store may be stored either on your<br />
computer's hard disk, or on a removable storage media, typically a USB memory stick. It is<br />
possible to have one Key Store on the hard disk <strong>and</strong> another on removable storage, where each<br />
Key Store holds different keys.<br />
Use this task to create a new user local key.<br />
Task<br />
1<br />
Click the <strong>McAfee</strong> menulet on your status bar, then select Manage Features |<br />
<strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong>. The <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong><br />
<strong>Folders</strong> client console appears.<br />
2 On the left pane, click Create new key. The Welcome to Create Local Key wizard appears.<br />
3 Click Next. The Volume page appears.<br />
4 Select the location where you want to save the local key from the drop-down menu then<br />
click Next. The Data page appears.<br />
NOTE: If you want to save the local key on a USB memory stick, ensure the drive is inserted<br />
be<strong>for</strong>e you start the wizard.<br />
12<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong>
Managing <strong>User</strong> Local keys<br />
Deleting a <strong>User</strong> Local key<br />
5 Type a name <strong>for</strong> the local key, then select the inactivity timeout <strong>for</strong> the key from the<br />
drop-down menu. The inactivity timeout defines how long a key can remain unused in<br />
memory. When the timeout is reached, you need to authenticate be<strong>for</strong>e you can access<br />
encrypted files or folders.<br />
NOTE: Ensure that you provide unique names <strong>for</strong> the encryption keys, ideally reflecting<br />
the purpose of the key.<br />
6 Click Next. The Tasks page appears summarizing the key details configured in the wizard.<br />
7 Click Next. You might be prompted to authenticate to <strong>Endpoint</strong> <strong>Encryption</strong> be<strong>for</strong>e completing<br />
the wizard to ensure access to the corporate recovery key that will be used when you<br />
create your key store.<br />
8 Click Finish<br />
Deleting a <strong>User</strong> Local key<br />
You may delete encryption keys that are not used. A deleted encryption key cannot be recovered.<br />
Consequently, documents encrypted with a deleted key cannot be opened.<br />
NOTE: Ensure that search the files encrypted with the key you intend to delete.<br />
Use this task to delete a <strong>User</strong> Local key.<br />
Task<br />
1<br />
Click the <strong>McAfee</strong> menulet on your status bar, then select Manage Features |<br />
<strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong>. The <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong><br />
<strong>Folders</strong> client console appears.<br />
2 On the left pane, click Delete key. The Welcome to the Delete Key wizard appears.<br />
3 Click Next. The Select Key page appears.<br />
4 Select the required key from the Key name drop-down list, then click Next. The Tasks<br />
page appears summarizing the key details configured in the wizard.<br />
5 Click Next. You might be prompted to authenticate to <strong>Endpoint</strong> <strong>Encryption</strong> be<strong>for</strong>e completing<br />
the wizard to ensure access to the key store.<br />
6 Click Finish<br />
Renaming a <strong>User</strong> Local key<br />
Use this task to rename a <strong>User</strong> Local key.<br />
Task<br />
1<br />
Click the <strong>McAfee</strong> menulet on your status bar, then select Manage Features |<br />
<strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong>. The <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong><br />
<strong>Folders</strong> client console appears.<br />
2 On the left pane, click Rename key. The Welcome to the Rename Key wizard appears.<br />
3 Click Next. The Select Key page appears.<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong><br />
13
Managing <strong>User</strong> Local keys<br />
Exporting <strong>User</strong> Local keys<br />
4 Select the required key from the Key name drop-down list, then click Next. The Data<br />
page appears.<br />
5 Type a new name <strong>for</strong> the key, then click Next. The Tasks page appears summarizing the<br />
key details configured in the wizard.<br />
6 Click Next. You might be prompted to authenticate to <strong>Endpoint</strong> <strong>Encryption</strong> be<strong>for</strong>e completing<br />
the wizard to ensure access to the key store.<br />
7 Click Finish<br />
Exporting <strong>User</strong> Local keys<br />
To share encrypted files with other users you must share the encryption keys with they are<br />
encrypted. When exported, the encryption key is packaged into a file with SKS as extension.<br />
To import the file, the users must know the key store password. The SKS file may be sent as<br />
an e-mail attachment.<br />
Use this task to export <strong>User</strong> Local key to a .sks file.<br />
Task<br />
1<br />
Click the <strong>McAfee</strong> menulet on your status bar, then select Manage Features |<br />
<strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong>. The <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong><br />
<strong>Folders</strong> client console appears.<br />
2 On the left pane, click Export keys. The Welcome to the Export Key wizard appears.<br />
3 Click Next. The Select key page appears.<br />
4 Select the required key from the Key name drop-down list, then click Next. The Tasks<br />
page appears summarizing the key details configured in the wizard.<br />
5 Click Next. You might be prompted to authenticate to <strong>Endpoint</strong> <strong>Encryption</strong> be<strong>for</strong>e completing<br />
the wizard to ensure access to the key store.<br />
6 Click Finish<br />
Importing <strong>User</strong> Local keys<br />
To import an encryption key, you need to create a key store where you can save the imported<br />
key.<br />
Use this task to import encryption keys.<br />
Task<br />
1<br />
Click the <strong>McAfee</strong> menulet on your status bar, then select Manage Features |<br />
<strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong>. The <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong><br />
<strong>Folders</strong> client console appears.<br />
2 On the left pane, click Import keys. The Welcome to the Import Key wizard appears.<br />
3 Click Next. The Path page appears.<br />
4 Browse <strong>and</strong> select the exported keys (*.sks file), then click Next. The Select key store<br />
page appears.<br />
14<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong>
Managing <strong>User</strong> Local keys<br />
Recovering <strong>User</strong> Local keys<br />
5 Select the key store to which you want to import the keys, then click Next. The Tasks<br />
page appears summarizing the key details configured in the wizard.<br />
6 Click Next. You might be prompted to authenticate to <strong>Endpoint</strong> <strong>Encryption</strong> be<strong>for</strong>e completing<br />
the wizard to ensure access to the key store.<br />
7 Click Finish<br />
Recovering <strong>User</strong> Local keys<br />
Use this task to recover a <strong>User</strong> Local key. The recovery involves the use of the central recovery<br />
key. You may be prompted <strong>for</strong> <strong>Endpoint</strong> <strong>Encryption</strong> central password to access the recovery<br />
key.<br />
Task<br />
1<br />
Click the <strong>McAfee</strong> menulet on your status bar, then select Manage Features |<br />
<strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong>. The <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong><br />
<strong>Folders</strong> client console appears.<br />
2 On the left pane, click Recover keys. The Welcome to the Recover Key wizard appears.<br />
3 Click Next. The Volume page appears.<br />
4 Select the location where you saved the recovery key from the drop-down menu then click<br />
Next. The Password page appears.<br />
5 Type <strong>and</strong> confirm new password <strong>for</strong> the key store, then click Next. The Tasks page appears<br />
summarizing the key details configured in the wizard.<br />
6 Click Next. You might be prompted to authenticate to <strong>Endpoint</strong> <strong>Encryption</strong> be<strong>for</strong>e completing<br />
the wizard to ensure access to the key store.<br />
7 Click Finish<br />
Changing <strong>User</strong> Local key authentication method<br />
Use this task to change the protection mechanism <strong>for</strong> key stores.<br />
Task<br />
1<br />
Click the <strong>McAfee</strong> menulet on your status bar, then select Manage Features |<br />
<strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong>. The <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong><br />
<strong>Folders</strong> client console appears.<br />
2 On the left pane, under Local Keys section click Change authentication. The Welcome<br />
to the Change Token wizard appears.<br />
3 Click Next. The Volume page appears.<br />
4 Select the location where you saved the local key <strong>for</strong> which you want to change the<br />
authentication then click Next. The Type page appears.<br />
5 Select the token type with which you want to authenticate the device. Depending on the<br />
authentication method selected, the next dialog will differ.<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong><br />
15
Managing <strong>User</strong> Local keys<br />
Changing <strong>User</strong> Local key authentication method<br />
• If you selected Password Protection, the Password page appears. Type <strong>and</strong> confirm<br />
the new password, then click Next. The Tasks page appears summarizing the key<br />
details configured in the wizard.<br />
• If you selected Certificate Protection, the Certificate page appears. Select a certificate<br />
from the list of available certificates, then click Next. The Tasks page appears<br />
summarizing the key details configured in the wizard.<br />
6 Click Next. You might be prompted to authenticate to <strong>Endpoint</strong> <strong>Encryption</strong> be<strong>for</strong>e completing<br />
the wizard to ensure access to the key store.<br />
7 Click Finish<br />
16<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong>
Managing <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> Removable<br />
Media<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> Removable Media (EERM) is a software solution that encrypts<br />
removable devices to protect data stored in the device. However, any attached removable<br />
storage can be protected with EERM, except <strong>for</strong> CDs/DVDs <strong>and</strong> floppy disks.<br />
Contents<br />
Initializing a Removable Media<br />
Recovering a Removable Media<br />
Changing EERM authentication method<br />
Initializing a Removable Media<br />
When you insert a non-protected removable device on a client with EEFF installed <strong>and</strong> the policy<br />
<strong>for</strong> removable media enabled, a notification dialog box appears prompting to initialize the device.<br />
Alternatively, you can initialize the removable media using <strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong><br />
<strong>Files</strong> <strong>and</strong> <strong>Folders</strong> client console.<br />
Use this task to initialize a removable media.<br />
Task<br />
1<br />
Click the <strong>McAfee</strong> menulet on your status bar, then select Manage Features |<br />
<strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong>. The <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong><br />
<strong>Folders</strong> client console appears.<br />
2 On the left pane, click Initialize device. The Initialize Removable Media window appears.<br />
3 In the Authentication section, select the required authentication method.<br />
• For the password method, type a password that con<strong>for</strong>ms to the default complex<br />
password rules in your organization. These password rules may well be stricter than<br />
those rules in effect <strong>for</strong> your Windows logon password.<br />
• For the certification method, select a digital certificate from the drop-down menu.<br />
4 In the Recovery section, select the required recovery method.<br />
NOTE: The recovery methods available depends on the removable media encryption policy<br />
en<strong>for</strong>ced on the system or the user.<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong><br />
17
Managing <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> Removable Media<br />
Recovering a Removable Media<br />
5 Click Initialize. The progress of the initialization is displayed in the progress bar at the<br />
bottom of the dialog.<br />
NOTE: We recommend you not to unplug the device during initialization or to cancel the<br />
initialization process. This may result in a device in an unknown state, which means it<br />
cannot be used on a machine with EEFF installed.<br />
Once the initialization is complete, an authentication dialog appears requesting the user to<br />
authenticate to the device. Provide the authentication in<strong>for</strong>mation to use the device.<br />
Recovering a Removable Media<br />
Use this task to recover a removable media.<br />
Task<br />
1<br />
Click the <strong>McAfee</strong> menulet on your status bar, then select Manage Features |<br />
<strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong>. The <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong><br />
<strong>Folders</strong> client console appears.<br />
2 On the left pane, click Recover media. The Recover Authentication window appears.<br />
3 Select one of these required recovery methods:<br />
• Recovery key — This method uses a Recovery key from the central management<br />
system to configure the recovery of the device. You may be prompted to authenticate<br />
to EEFF to access this key <strong>and</strong> will not be able to change the Recovery key the<br />
administrator has selected.<br />
• Recovery password — This recovery method enables user to select a Master Password<br />
(Recovery password). With this password you can recover the encrypted device without<br />
any interaction with the Helpdesk. Also, you can per<strong>for</strong>m this recovery from a non-EEFF<br />
client.<br />
NOTE: The Recovery password must con<strong>for</strong>m to the same password quality rules as<br />
your authentication password. Since Password History is a part of the hard coded<br />
password rules, this means that the Recovery password cannot be set to the same<br />
password as the authentication password.<br />
• Recovery certificate — This option enables the user to select a digital certificate to<br />
use <strong>for</strong> recovery.<br />
With the recovery certificate, you can recover the device without any interaction with<br />
the Helpdesk. Also, you can per<strong>for</strong>m this recovery from a non-EEFF client.<br />
• Recovery questions — This option enables you to enter five questions <strong>and</strong> answers<br />
that will be used in a recovery situation. That is, you will be able to recover the encrypted<br />
device by answering the selected questions without any interaction with Helpdesk. Also,<br />
you can per<strong>for</strong>m this recovery from a non-EEFF client.<br />
4 Click Recover.<br />
18<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong>
Managing <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> Removable Media<br />
Changing EERM authentication method<br />
Changing EERM authentication method<br />
Use this task to change the protection mechanism <strong>for</strong> EERM.<br />
Task<br />
1<br />
Click the <strong>McAfee</strong> menulet on your status bar, then select Manage Features |<br />
<strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong>. The <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong><br />
<strong>Folders</strong> client console appears.<br />
2 On the left pane, under Removable Media section click Change authentication. The<br />
Change authentication window appears.<br />
3 Click Change.<br />
4 Select the token type with which you want to authenticate the device.<br />
• If the device is password protected, you will be prompted to authenticate the device<br />
using the existing password. After the device is successfully authenticated the Select<br />
new protection window appears. Type <strong>and</strong> confirm the new password, then click OK.<br />
A pop-up appears displaying that the authentication method has been changed.<br />
• If the device is protected by certificate, the device is authenticated using the certificate<br />
installed on the client system. Select the required certificate from the list of available<br />
certificates, then click OK. A pop-up appears displaying that the authentication method<br />
has been changed.<br />
5 Click OK | Close.<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong><br />
19
Index<br />
E<br />
EEFF 4<br />
client 4<br />
<strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> 4<br />
R<br />
requirements, operating system 5<br />
requirements, software 5<br />
requirements, system 5<br />
P<br />
Persistent <strong>Encryption</strong> 4<br />
20<br />
<strong>McAfee</strong> <strong>Endpoint</strong> <strong>Encryption</strong> <strong>for</strong> <strong>Files</strong> <strong>and</strong> <strong>Folders</strong> software version <strong>4.0</strong>.0 <strong>User</strong> <strong>Guide</strong>