Encrypting Media

Your organization's policy defines access to business and non-business data. Your policy may allow access only to business data, which is encrypted. As an alternative, your policy can allow access to business and non-business data, but the business data must be encrypted and password protected. In this case, Media Encryption creates two drives on the physical storage device. One encrypted drive for business data and a non-encrypted drive for non-business data.

If you have the required permissions you can:

  • Configure a password that gives users full access to the encrypted drive.

  • Configure the percentage of the physical device to be encrypted. For example, if you encrypt 50% of a device, the encrypted (business data) drive occupies 50% of the physical device. The remainder is assigned to a non-encrypted (non-business data) drive. When you import and encrypt files, they are always put on the business data drive.

To encrypt a new storage device:

  1. Connect a removable storage device (USB) to your computer.

  2. From Media Encryption & Port Protection, select a device and click Create Encrypted Storage.

    The Removable Device Encryption window opens. The options shown are set by your administrator. In addition, you can encrypt and decrypt devices

  3. In the Removable Device Encryption window, configure the available options. If you do not see an option, that option is not allowed by your policy.

    • Set a password to allow full access to the device while online (connected to your network) and offline.

    • Select a percentage of the storage device to encrypt.

  4. Click Encrypt.

  5. When the Finish window opens, click Finish to complete the procedure.

The encrypted storage device status at this time shows as Encrypted in the Media Encryption & Port Protection window. Non-business data is not changed, deleted, or encrypted. It remains on the non-encrypted device.