Reference Guide

Security Management Server Virtual v10.2.10 AdminHelp
Advanced Removable Media Encryption
A note about Removable Media Encryption policies: Mac Media Encryption policies are device-based
policies. This differs from Windows Media Encryption policies, which are user-based.
Policy descriptions also display in tooltips in the Management Console. In this table, master policies are
in bold font.
Windows Media Encryption

This technology works on Windows computers using Dell Encryption External Media to encrypt data on removable devices, which can be accessed using a user-defined password. These policies allow configuration of the Encryption External Media password requirements and the removable media allowed.

| Policy | Default Setting | Description |
|---|---|---|
| Windows Media Encryption | Off | This policy must be selected to use all other removable media policies. Not Selected means that no encryption of removable media takes place, regardless of other policy values. |
| EMS Exclude CD/DVD Encryption | Not Selected | False encrypts CD/DVD devices. |
| EMS Allow Read-access to unShielded Media (5.4.x Only) | Selected | This policy applies to 5.4.x Windows Encryption clients only. If a user chooses not to encrypt media and this policy is set to True, they are able to read or delete existing files on the media that are not encrypted, but the client does not allow any files to be edited on or added to the media unless it is Dell-encrypted. |
| EMS Encryption Algorithm | AES256 | AES 256, AES 128, 3DES. Encryption algorithm used to encrypt removable media. Encryption algorithms in order of speed, fastest first, are AES 128, AES 256, 3DES. |
| EMS Data Encryption Key | User Roaming | Common, User, User Roaming. Choose a key to be used by the Encryption client to encrypt all data encrypted by the Encryption External Media. You cannot save a policy where this policy has the same value as either the User Data Encryption Key policy or the Application Data Encryption Key policy; the error message "Policy Constraint Violation: The value for EMS Data Encryption Key conflicts with User Data Encryption Key and/or Application Data Encryption Key" displays. |
| EMS Automatic Authentication | Disabled | Disabled, Local, Roaming. Local automatic authentication allows the encrypted media to be automatically authenticated when inserted in the originally encrypting computer when the owner of that media is logged in. When automatic authentication is Disabled, users must always manually authenticate to access encrypted media. Not selecting Roaming automatic authentication helps to prevent users from forgetting their password when they take the media home or share it with a colleague. Not selecting Roaming automatic authentication also promotes a sense of awareness from a security perspective for users that the data being written to that media is protected. |
| EMS Access Encrypted Data on unShielded Device | Selected | Selected allows the user to access encrypted data on removable media whether the endpoint is Dell-encrypted or not. When this policy is False, the user can work with encrypted data when logged on to any Dell-encrypted endpoint. The user cannot work with encrypted data using any device that is not Dell-encrypted. |