Deployment Guide
Table Of Contents
- Dell Encryption Personal Installation Guide v11.1
- Contents
- Overview
- Requirements
- Download the Software
- Installation
- Advanced Authentication and Encryption Personal Setup Wizards
- Configure Console Settings
- Uninstall the Master Installer
- Uninstall Using the Child Installers
- Data Security Uninstaller
- Policies and Template Descriptions
- Policies
- Template Descriptions
- Aggressive Protection for All Fixed Drives and External Drives
- PCI Regulation Targeted
- Data Breach Regulation Targeted
- HIPAA Regulation Targeted
- Basic Protection for All Fixed Drives and External Drives (Default)
- Basic Protection for All Fixed Drives
- Basic Protection for System Drive Only
- Basic Protection for External Drives
- Encryption Disabled
- Extract Child Installers
- Troubleshooting
- Glossary
Configure Pre-Boot Authentication
PBA is available if your computer is equipped with an SED. PBA is configured through the Encryption tab. When Dell Encryption
takes ownership of the SED, PBA is enabled.
To enable SED management:
1. In the Data Security Console, click the Administrator Settings tile.
2. Ensure that the backup location is accessible from the computer.
If Backup Location not found displays and the backup location is on a USB drive, either your drive is not connected or is
connected to a different slot than the one used during backup. If the message displays, and the backup location is on a
network drive, the network drive is inaccessible from the computer. If it is necessary to change the backup location, from
the Administrator Settings tab, select Change Backup Location to change the location to the current slot or accessible
drive. A few seconds after reassigning the location, the process of enabling encryption can proceed.
3. Click the Encryption tab and then click Encrypt.
4. At the Welcome page, click Next.
5. In the Pre-boot Policy page, change or confirm the following values, and click Next.
Attempts at non-cached user login
Number of times an unknown user can attempt to log in (a user that has not
logged in to the computer before [no credentials have been cached]).
Attempts at cached user login Number of times can a known user attempt to log in.
Attempts at answering recovery
questions
Number of times the user can attempt to enter the correct answer.
Enable Crypto Erase Password Select to enable.
Enter the Crypto Erase Password A word or code of up to 100 characters used as a fail-safe security
mechanism. Entering this word or code in the user name or password
field during Pre-boot authentication initiates a crypto erase, which removes
the keys from secure storage. Once this process is invoked, the drive is
unrecoverable. Leave this field blank if you do not want a crypto erase
password available in case of emergency.
Leave this field blank if you do not want to have a crypto erase password
available in case of emergency.
Remember Me Enables or disables the ability for users to select Remember Me on the PBA
login screen.
Configure Console Settings 29