Allow user to choose owner during encryption

Lets users manually define the device owner before encryption. This lets users create storage devices for other users. By default, the device owner is the user who is logged into the endpoint computer. The device owner must be an Active Directory user.

Allow user to change size of encrypted media

Lets users change the percentage of a storage device that is encrypted, not to be lower than Minimum percentage of media used for encrypted storage.

Allow users to remove encryption from media

Lets users decrypt storage devices.

Allow user to upgrade from legacy drives

Lets users upgrade storage devices that were encrypted by File Encryption version R73.

When encrypting, Non-Business Related Data will be:

Select one of these actions for existing data on a storage device upon encryption:

• Copied to encrypted section - Non-Business Related data is encrypted and moved to the Business Related (encrypted) storage device.
  
  We recommend that you back up Non-Business Related data before encryption to prevent data loss if the encryption fails. For example, this can occur if there is insufficient space on the device.
  
• Deleted - Non-Business related data is deleted.
• Untouched - Non-Business Related data is not encrypted or moved.

Secure format media before encryption

Run a secure format before encrypting the storage device. Select the number of format passes to do before the encryption starts.

Change device name and icon after encryption

When selected, after the device is encrypted, the name of the non-encrypted drive changes to Non Business Data and the icon changes to an open lock.

When cleared, the name of the non-encrypted drive and the icon do not change after the device is encrypted.

Password protect media for access in offline mode

Lets users assign a password to access a storage device from a computer that is not connected to an Endpoint Security Management Server. Users can also access the storage device with this password from a non-protected computer

Allow user to recover their password using remote help

Lets user recover passwords using remote help.

Copy utility to media to enable media access in non-protected environments

Copies the Explorer utility to the storage device. This utility lets users access the device from computers that are not connected to an Endpoint Security Management Server.

Protect media with password for read-only access in offline mode

Lets users assign a different password that gives read-only access to a storage device.

Allow user to change read-only password

Lets users change a previously defined read-only password.

Use Windows password complexity

The standard Windows password requirements are enforced:

The password must:

• Have at least six characters
• Have characters from at least 3 of these categories: uppercase, lowercase, numeric characters, symbols.

Use custom password complexity

If you select this, select the requirements for which type of characters the password must contain or not contain.

Use custom requirements

If you select this, select the requirements for which type of characters the password must contain or not contain:

• Consecutive identical characters, for example, aa or 33
• Require special characters. These can be: ! " # $ % & ' ( ) * + , - . / : < = > ? @ {
• Require digits, for example 8 or 4.
• Require lower case characters, for example g or t.
• Require upper case characters, for example F or G.
• Password must not contain user name or full name.

Minimum length of password

Enter the minimum number of characters for a valid password.

Password can be changed only after

Enter the minimum number of days that a password must be valid before the user can change it.

Password expires after

Enter the maximum number of days that a password can be valid before the user must change it.

Number of passwords

Enter the minimum number of password changes needed before a previously used password can be used again.