Encryption policy is a group of settings available for the JCM administrator to manage encryption on all local volumes and removable devices on client computers. The encryption policy is implemented using BestCrypt Volume Encryption software installed on client computers.
Encryption policy includes the following settings:
If this option is set, the user on the client computer will be asked to enter a password to start encryption process. All the local volumes will be encrypted. However, mapped network drives will not be encrypted.
If a removable device (i.e. a USB drive) is connected to the computer and this option is checked, the user will be asked to enter a password to start the encryption of the removable device. If the user refuses to encrypt, access to the disk will be restricted according to the selected options listed below. If the option is disabled, the user won't be forced to encrypt the removable device. For an encrypted removable drive, the user will be able to enter password to either decrypt or continue using it.
When enabled, end users are offered to activate automatic enrollment into Windows after entering boot-time encryption password (a.k.a Single-SignOn). This setting is not enforced and can optionally be declined by the end user or altered via BestCrypt Volume Encryption Client interface.
When not enabled, Single-SignOn that has previously been set up will be deactivated and end users will be disallowed to enable Single-SignOn via BestCrypt Volume Enccyption Client interface.
Performs automatic encryption only for disk space occupied by files. Applies to both Fixed and Removable media.
To create a new encryption policy, click Add new policy hyperlink in the right part of encryption policies list presented on the Company page. The following dialog will appear:
Set all the settings and click
To edit an existing encryption policy, click on the policy name in the list of encryption policies presented on the Company page. The following dialog will appear:
Make any desired changes and click