There is an internal user policy on Universal server that can be configured to automatically encrypt a removable device or lock it as read only if the device cannot be encrypted.
"Enable automatic encryption or locking of removable devices"
"Lock device as read-only and provide users with the option to encrypt with PGP Whole Disk Encryption (Windows clients only)"
This policy only works if the Universal server is online and reachable.
If Universal is offline, data can be written to the device although the policy is enabled and the device should be locked for write access.
This issue was solved in 3.2.1 MP5/10.2.1 MP5 and above.
New versions will now properly lock the device as read only if it cannot be automatically encrypted.
The release notes write:
2950245: Resolved the issue so that inserted removable devices are write-protected if the user fails to select an option from the encryption dialog box within 120 seconds or when PGP Universal Server is not reachable.
The defect is present in PGP Universal and PGP Desktop versions below 3.2.1 MP5/10.2.1 MP5 (build 5033).
This is machine translated content
Login to Subscribe
Please login to set up your subscription.
Didn't find the article you were looking for? Try these resources.