This article provides suggested best practices for FileShare Encryption (Formerly PGP NetShare).
These best practices can help overcome issues with folders that fail to encrypt, become corrupted, or take long periods of time to finish re-encrypting.
- Before encrypting, make sure the file system is scanned and defragmented on the system hosting the encrypted folder.
- Run the File Share encryption process from a computer other than the one used to store the encrypted folder.
- Try to limit the programs running on the computer doing the encryption or the one hosting the files during the encryption process (e.g., backups, virus scans).
- Ensure adequate resources on the server/computer hosting the FileShare. As it may be an intensive process for a computer's CPU, Memory, and hard disk.
- Make sure that the folder permissions are set correctly to allow editing by group members and also to inherit permissions from the parent folder.
- Make sure that the files to be encrypted are not in use (it may be best to wait until after normal business hours before encrypting).
- In some cases, a folder with an extremely large amount of files in a directory may cause difficulties when attempting to encrypt the folder with FileShare Encryption.
- Use a File Share Encryption Group Key, which makes managing File Share folders much faster, as it will no longer have to modify all of the metadata for the encrypted files when adding or removing users to a group.
Note: In a Symantec Encryption Management Server managed environment, the use of Group Keys allow you to protect shared files and folders in File Encryption NetShare. Group keys allow you to easily add or remove group members without affecting the File Encryption metadata associated with the protected files and folders.
The Group key functionality began with version 3.2.0 of PGP Universal Server and continue on with all versions of Symantec Encryption Management Server.