McAfee® Encrypted USB Devices User Guide McAfee Encrypted USB—Standalone 7.
COPYRIGHT Copyright © 2008 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies. TRADEMARK ATTRIBUTIONS SAFEBOOT is a registered trademark or trademark of McAfee, Inc. and/or its affiliates in the US and/or other countries.
Contents Introducing McAfee Encrypted USB Devices ........................................ 4 About McAfee Encrypted USB Devices ........................................................ 4 Security ...................................................................................................... 5 System requirements ................................................................................. 5 Getting started ...................................................................................
Introducing McAfee Encrypted USB Devices McAfee Encrypted USB Devices are USB (Universal Serial Bus) portable drives that provide different types of security and data encryption. You can personalize and manage a device using McAfee Encrypted USB—Standalone software (referred to as Encrypted USB throughout the rest of the document). Encrypted USB provides step-bystep instructions to help you set up your device and start using it.
Introducing McAfee Encrypted USB Devices Security McAfee Encrypted USB Devices User Guide Note: Read-only disk partitions on the following devices can be configured as a regular drive or as a CD-ROM: McAfee Zero Footprint Biometric Encrypted USB, McAfee Encrypted USB Hard Disk, and McAfee Zero Footprint Non-Biometric Encrypted USB. For more information, see “Starting programs using the Encrypted USB menu” on page 16.
Getting started You must personalize a new or recycled McAfee Encrypted USB Device the first time you use it. For information about recycling a device, see “Recycling a device” on page 15. For McAfee Standard Encrypted USB devices, you must install McAfee Encrypted USB— Standalone before you can personalize the device. If you are using a device with a previous version of Encrypted USB, you can upgrade to the newest version.
Getting started Starting Encrypted USB McAfee Encrypted USB Devices User Guide Custom The Custom option lets you choose the authentication method to use with the device and customize device policies. The policies that are available depend on the type of device you have, for example, biometric or non-biometric. When a device has multiple users, the private partition space is divided equally among all users.
Getting started Installing McAfee Encrypted USB—Standalone McAfee Encrypted USB Devices User Guide To start Encrypted USB From the notification area at the far right of the taskbar, click the McAfee icon, and then click the appropriate option from the menu. If you are using McAfee Standard Encrypted USB, from the Start menu, click All Programs, McAfee, McAfee Encrypted USB, and then click the appropriate option from the menu.
Accessing the device You can lock the device to ensure that only authenticated users can access it while you are away from the computer. You can also disconnect the device completely to bring the data with you. Light emitting diodes (LEDs) indicate the current state of the device. Once authenticated, you can save files to, and open files from, a private partition. You can also copy data between two McAfee Encrypted USB Devices.
Accessing the device Understanding LED states McAfee Encrypted USB Devices User Guide 3 When you see the following prompt, you can safely disconnect the device from the USB port. Caution Disconnecting the device either accidentally or on purpose, without using the safely remove hardware operation, could corrupt the data on the device.
Accessing the device Saving and opening files McAfee Encrypted USB Devices User Guide Saving and opening files You can save files to a private partition that only you can access. The device encrypts data saved to a private partition using the FIPS-approved AES algorithm (does not apply to McAfee Standard Encrypted USB devices). Data is automatically decrypted when you open the file. Once you authenticate to the device, you can access files on your private partition.
Managing users An Administrator can create and delete users. Users can manage their authentication methods by enrolling or deleting fingers, changing their password, or both. You can also rescue users who can no longer authenticate to the device.
Managing users Deleting a user McAfee Encrypted USB Devices User Guide 2 Complete the instructions on the Create User page to add the user and authentication credentials. Deleting a user Only the administrator can remove a user from the device. Once you delete a user, the user’s data is permanently lost even if a key recovery system exists. To delete a user 1 On the main page of Encrypted USB, under User Management, click Delete User.
Managing users Rescuing a user McAfee Encrypted USB Devices User Guide Rescuing a user Rescuing a user resets the user’s authentication method by deleting finger enrollments, resetting a password, or both. Users can then enroll fingers and set a password as required. For more information, see “Managing authentication methods” on page 13. Only an Administrator can rescue a user if you or another user on the device can no longer authenticate to it.
Managing devices Recycling a device removes all users and data from the device. You can also view device information to verify user, device configuration, partition, and version information. McAfee devices (except McAfee Standard Encrypted USB) can be configured so that you can start other programs on your device using the McAfee Encrypted USB—Standalone menu in the taskbar.
Managing devices Starting programs using the Encrypted USB menu McAfee Encrypted USB Devices User Guide 2 On the Device Information page, click one of the following categories: User—provides authentication and partition information for each user, such as the number of finger enrollments allowed, password and two-factor status, and private partition size. Device Settings—contains biometric and hardware information such as retry limits and security levels, and the device serial number.
Troubleshooting If you have problems using your McAfee Encrypted USB—Standalone, you may find a solution in one of the following scenarios. For further technical assistance, contact http://www.mcafee.com/us/support/index.html. I cannot eject my device When you try to eject your device from the file manager, you may encounter the following error: “Cannot Unmount Volume—An error was encountered trying to unmount 'Removable Disk (F:)' Check to make sure there are no open files or windows from that volume.
Troubleshooting Password or biometric access to my device is blocked McAfee Encrypted USB Devices User Guide Password or biometric access to my device is blocked You will receive a warning message when you have only one remaining password or biometric attempt left before you reach the retry limit. When you exceed the retry limit, the device blocks you from authenticating to it using that authentication method. You must contact your administrator to unblock your user account.
Appendix: Device policy settings During the Custom personalization process, you can customize device policy settings. The policy settings that are available vary according to the type of authentication the device uses. For more information about personalizing a device or to see a list of default device settings, see “Personalizing a device” on page 6 or “Choosing and applying a device profile” on page 6.
McAfee Encrypted USB Devices User Guide Table 1-1: Device policy settings Policy setting Description Applicable devices Biometric Retry Limit—All users are automatically blocked from accessing the device using biometric authentication. Password authentication is still available (if applicable).
Index devices about profiles 6 adding users 12 advanced settings 19 default settings 6 personalizing procedure read-only partition 18 recycling 15 rescuing users 14 disconnecting the device 9 A adding fingers 13 first user 7 users 12 administrative privileges 12 Administrator about 7 Advanced profile about 19 applications starting 16 authentication methods 13 E editing passwords 13 ejecting device troubleshooting 17 Encrypted USB starting 7 upgrading 8 Encrypted USB menu 5 enrolling fingers 13 enrollment
McAfee Encrypted USB Devices User Guide flashing green slow flashing red 10 solid green 10 solid orange 10 solid red 10 states 10 LED states 10 locking the device 9 S 10 Safely Remove Hardware operation saving files 11 software version 15 starting Encrypted USB 7 supported operating systems 5 Web browsers 5 system requirements 5 M T Management code 6 mapping network drives 18 McAfee system requirements 5 McAfee Standard Encrypted USB installing 8 minimum password length about 19 technical support 17
