HOW TO: Encrypt Files and Folders with Symantec Encryption Desktop for Windows
search cancel

HOW TO: Encrypt Files and Folders with Symantec Encryption Desktop for Windows

book

Article ID: 178739

calendar_today

Updated On:

Products

Desktop Email Encryption Drive Encryption Encryption Management Server Endpoint Encryption File Share Encryption Gateway Email Encryption

Issue/Introduction

 This article will help you encrypt files or folders to recipient keys using the PGPzip Functionality of Symantec Encryption Desktop (AKA PGP Desktop).

Resolution

This Article describes how to encrypt files and folders with Symantec Encryption Desktop for Windows.

Symantec Encryption Desktop uses the PGP Zip program to encrypt files and folders. There are two methods with which the PGP Zip program can be accessed:

First, PGP Zip may be accessed from within the Symantec Encryption Desktop program by selecting the PGP Zip portion of the Control Box.

Second, the PGP Zip program can be accessed by right clicking on the desired file/folder in Windows Explorer and selecting Symantec Encryption Desktop from the context menu. When a file or folder is encrypted using PGP Zip, a .pgp extension is appended to the file. The newly encrypted file will appear displaying an icon with a PGP and a lock.

 

Using PGP Zip within Symantec Encryption Desktop (Encrypting files and folders)

Follow the instructions in this section to create, open, or edit a PGP Zip file.

Create a PGP Zip file

If you would like to encrypt a particular file, this option will work well.

To encrypt a new file using PGP Zip, perform the following steps.

  1. Open Symantec Encryption Desktop (Click the padlock icon on the bottom-right corner in the system tray).
  2. Locate the PGP Zip in the Control box in the left pane of the Symantec Encryption Desktop main screen.
  3. Click New PGP Zip.  (An additional icon will also be available below the file menu in the main screen.
  4. A PGP Zip Assistant will start to provide an intuitive guide for file encryption.  All the files or folders may be added simply by dragging and dropping the files to the window or adding files by selecting the available icons below the window. (After encryption, the option to shred the original files is also available.)
  5. After the files are added, select Next.
  6. Select how the file will be encrypted and select Next

    Important Note: There are multiple methods to encrypt.  The most popular method, and the one that Symantec recommends is using a PGP Public Key to encrypt.  When you use a PGP Public Key, then only the intended recipient can decrypt the file).

    When encrypting to Recipient Keys (PGP Keys), an Add User Keys dialogue box will display to allow the addition of user keys. Click on the down arrow to select the desired key and click the Add... button. The PGP key will be displayed in the User Keys window.

    Another method to encrypt a file is by using a passphrase.  When you choose this option, you are not using a PGP key. This means that anyone with the password can decrypt.  This option is not typically recommended because you need to then figure out a way to exchange the passphrase securely, which should be done with caution.

    When encrypting to a passphrase or creating an Self Decrypting Archive (SDA), a Create a passphrase dialogue will display and allow the creation of a passphrase to encrypt the file to.
    When using the SDA option, then anyone with the passphrase can decrypt.  This option should be used with care.
     
  7. Optional: From the Sign and Save screen, select the desired Signing Key and the desired location for the encrypted file to be saved and click Next.
    Important Note: It is not required to sign files.  Signing files is only needed if you need to prove your identity and integrity of the file to the recipient.  If a file is modified in transit, signing the file can be used to detect this.  If you are going to use the signing method, you will have needed to communicate the proper signing key to the recipient.  

    Important Caution: Never give out your private key, which is used for Signing and Decrypting.  Only provide public keys to recipients for the purpose of verifying a signature.

  8. The final screen will show the options and summary of the file to be encrypted. Click Finish.

Caution: This process does not remove the original unencrypted file from the disk. To remove the original file from the disk, use the PGP Shredder or edit the PGP Zip file in Symantec Encryption Desktop and select Shred Original Files from Disk.


Open a PGP Zip File (Decrypting files and folders) 

To open a previously created PGP Zip file, the file may be opened by double clicking on the file and entering the passphrase or by opening the file in Symantec Encryption Desktop. Opening the file in Symantec Encryption Desktop may be accomplished by the following:

Open Symantec Encryption Desktop.

  1. Locate the PGP Zip in the Control box in the left pane of the Symantec Encryption Desktop main screen.
  2. Select Open a PGP Zip from the PGP Zip menu. Browse to the desired file and select Open.
     

Edit a PGP Zip File

Opening the file in Symantec Encryption Desktop may be accomplished by the following:

  1. Open Symantec Encryption Desktop.
  2. Locate the PGP Zip in the Control box in the left pane of the Symantec Encryption Desktop main screen.
  3. Select the PGP Zip file which will be edited and click the Edit button.
  4. The file can be edited to append additional PGP user keys or additional files to the PGP Zip.
     

Using PGP Zip with Windows Explorer

Whenever a file is selected in Windows Explorer and right clicked upon, the Symantec Encryption Desktop menu is available for encryption and decryption processes. This option will provide access to the same PGP Zip program.


Encrypt a file using PGP Zip with Windows Explorer 

  1. Right click on a file or folder.
  2. Select the Symantec Encryption Desktop option from the Windows Explorer Context menu and select Add "file name..." to new PGP Zip...
    The PGP Zip Assistant will display and allow the same options when opening with Symantec Encryption Desktop.

Symantec Encryption Desktop has additional menu items available from the Windows Explorer context menu which allow access to encrypting files using the PGP Zip program. The following list provides a general summary of the functionality of the additional items available from the Windows Explorer context menu.

  • Secure "File Name..." with key - Encrypts the selected file or folder to a PGP key.
  • Secure "File Name..." with passphrase - Encrypts the selected file or folder with a passphrase.
  • Encrypt to "Master Keys..." - Encrypts the selected file or folder to key(s) contained within the Master Key List
  • Encrypt "File Name..." with Symantec File Share Encryption - Encrypts the selected file or folder as a Symantec File Share Encryption encrypted folder.
  • PGP Shred "File Name..." - Shreds the selected file utilizing the PGP Shredder.

 

Powered by Wolken Software