Users Guide

Table Of Contents

● Added 8/2017 - When the user inserts EMS-encrypted media and clicks Access Encrypted Files on a Windows 10

computer without the Encryption client installed, the options Install EMS Service and Run EMS Explorer are not

available. [DDPC-1449]

● On HCA-encrypted computers running the Windows 10 Fall Update, HCA decryption does not start after the HCA encryption

policy is changed to Off. [DDPC-1452]

● If the backup key location has changed or is no longer available, the backup fails with no obvious user notification other than

a red exclamation point (!) that displays above the key backup button in the local console. To work around this issue, click

the key backup button and enter a new backup location. [DDPC-1472]

● On some USB drives, External Media Shield leaves some files unencrypted and renamed with "CEF????<original

filename>ERR." This occurs only occasionally, with USB drives or drivers that repeatedly disconnect and reconnect the

drives. To work around this issue, rename the files with their original filenames, then remove and reconnect the drive. If the

EMS Scan External Media policy is On, the resulting encryption sweep will process the files. [DDPC-1532]

● If the HCA algorithm is changed after encryption, HCA encryption does not start. [DDPC-1533]

Advanced Authentication

● The fingerprint reader on the Latitude 7510 running Windows 10 loses functionality after upgrade to Windows 10 Fall Update.

To work around this issue, perform two restarts and the fingerprint reader will function again. [CSF-1210]

● Occasionally on computers running the Windows 10 Fall Update, fingerprints may need to be re-enrolled. [CSF-1225]

● The Crypto Erase Password policy does not erase the SED but, instead, deletes the authentication tokens for all users and

locks the SED. Afterward, only an administrator can forcibly unlock the device. [DDPLP-370, 26862]

Preboot Authentication

● After recovering PBA access through recovery questions, the password change page displays a message that, if no action is

taken, the user will be automatically logged in to the Windows session, although no automatic login occurs. [CSF-1083]

● Added 04/2018- When a user tries to sync to the server while using a Latitude 7204 Rugged Machine on an XFR dock with

Windows 10 x32 and the Encryption client installed, the options

Sync and Network are not available at the PBA Log in screen. [DDPC-1638]

● Added 4/2017 - Login or recovery fails when a German keyboard is used to enter special characters into the password or

recovery answer fields. [DDPC-5531]

Resolved Technical Advisories v8.7.1

Encryption

● With both VMware Mirage and Webroot running on Windows 7, the computer now starts normally. [DDPC-958]

● Access is now available to non-encrypted files that became inaccessible when encryption policy was changed or the file's

directory was moved. [DDPC-977]

● An issue that led to occasional computer unresponsiveness when running Trend Micro and Office 365 is now resolved.

[DDPC-1125]

● Performance is improved on computers running Trend Micro Behavior Monitoring and FireAMP. [DDPC-1216, DDPSUS-391]

● Upgrade to Windows 10 now proceeds as expected, after decrypting and uninstalling Enterprise Edition. If previous upgrade

attempts have failed on a computer, delete the hidden temporary folder, %systemdrive%\$Windows.~BT, before attempting

upgrade. [DDPC-1237]

● On Dell Latitude E7450 and Venue Pro 11 (7130), the issue of Access Denied errors preventing encryption of some Windows

folders is now resolved. [DDPSUS-521]

Advanced Authentication

● Single sign-on now succeeds on computers running Windows 7, with installation of the Microsoft KB, https://

support.microsoft.com/en-us/kb/2533623. [CSF-788]

● Installation now proceeds normally on computers running Windows 10 (64-bit). [CSF-968]

Technical Advisories