Symantec Endpoint Encryption Instructions The State College of Florida is in the process of purchasing licenses to Symantec Endpoint Encryption for installation on college owned computers. Advantages of using the Symantec solution over methods are: The SCF Helpdesk can access recovery tokens in case you lose the password to an encrypted laptop. Symantec Endpoint Encryption will report status to a college server. The will allow the College to prove that a laptop is encrypted if lost or stolen. Symantec Endpoint Encryption will include the ability to encrypt external drives and individual files. Password Changes If you change the Windows password on a computer with Symantec Endpoint Encryption installed, it will also automatically update the Encryption passphrase to match. If this does not occur then you will be able to contact the SCF Help Desk for assistance. Additional Profiles If a computer has multiple users then each one will need to be enrolled for each users password to be able to unlock a computer when it is booted up. 1. Create the local Windows account for an additional user, and set a password. 2. Open the Symantec Endpoint Encryption desktop application and select Encrypt partition or disk. The list of allowed users is located at the bottom of the main window. 3. Select New Passphrase User from the options located on the right and follow the on screen prompts to add additional authorized users for the computer. The user matching the password that is entered at the Bootguard screen will be automatically logged into the Windows Active Directory. Recovering a Password If you forget you Encryption password then simply need to call the SCF Help Desk. You will need to verify your identity and provide the name of the computer needing to be unlocked. The Help Desk will provide you with a recovery token, which is a single use password. After you enter the recovery token, you will need to either reset your password using Control Alt Delete or open the Symantec Encryption Desktop application and reset the password by selecting the Encrypt Partition or Disk. Installing Symantec Endpoint Encryption 1. Download the Encryption Installer. Double click the SCFPGP Installer to begin.
2. Agree to license: 3. Do not show notes:
4. Restart your computer: 5. When the restart is complete make sure that your computer has network access. If there is no access the following error message will be generated:
6. If the computer will be online then Endpoint Encryption will prompt for a username and password. Please enter your SCF credentials: 7. Select new user to generate a new encryption key:
8. Select Next: 9. Enter your Windows username and password for Single Sign On. This is the user that will be automatically logged in after successfully entering the Endpoint Encryption passphrase. The Domain name field should default SCF. On most computers not used with Active Directory this will be Local.
10. Select next to continue the encryption process which should have already started: 11. You should now see a congratulations screen. Select Finish:
12. Open the Endpoint Encryption Desktop from the tray icon:
13. Select PGP Disc > Encryption Disk to see progress: The encryption process will now begin. The laptop can be put into sleep mode or even turned off, and the encryption will resume when it is turned back on again. The laptop can be safely used while the encryption process is running, although you may notice decreased performance. Encryption will complete the fastest if you plug the laptop into the wall power, and leave it unused. Encryption time will vary depending on the size and condition of the hard drive, the speed of the processor and whether the computer is being used for other work at the same time. Typically it takes between 4 and 12 hours, but older, slower laptops can take up to several days.