JPritchard
ESET Staff-
Posts
26 -
Joined
-
Last visited
-
Days Won
1
JPritchard last won the day on May 23 2023
JPritchard had the most liked content!
About JPritchard
-
Rank
Newbie
Profile Information
-
Location
U.K.
Recent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
-
Hello, Only if you delete the 'premiumkey.dat' file in C:\Users\USERNAME\AppData\Local\DESlock+\ If you disable Secure Data or uninstall ESSP, then this file is left behind intentionally so you don't lose your encryption key in the event that you re-install Secure Data. Regardless, there's a lot being discussed in this thread and I feel it would be best that these questions are answered through the correct support channels so we can address each query accurately. Please submit a support case for your queries and we'll assist you from there. Thanks! Kind regards Jay Pritchard Encryption Technical Support Engineer III / Team Lead
-
BowForMe reacted to a post in a topic: Eset encrypted drive: Error authenticating or mounting encrypted virtual drive (Error code: 0xC00F000C)
-
BowForMe reacted to a post in a topic: Eset encrypted drive: Error authenticating or mounting encrypted virtual drive (Error code: 0xC00F000C)
-
Hello BowForMe, In your opening post, you said: ESSP Secure Data creates an encryption 'keystore' file called 'premiumkey.dat' in C:\Users\USERNAME\AppData\Local\DESlock+\ If you delete this directory and the files within, then the encryption key is no longer available and your encrypted USB cannot be decrypted or accessed. Re-installing ESSP and enabling Secure Data will generate a new keystore file, which will NOT work for anything encrypted with a different key. If we're lucky, and you still have the directories and files you deleted in the Recycle Bin, then you should be able to restore them and access your USB stick! If not, perhaps you have a Windows backup that you can restore where the DESlock+ directory and files are intact and can be restored to regain access to your USB. Failing this, the data on the USB is inaccessible and you will need to format the device for future use. Kind regards Jay Pritchard Encryption Technical Support Engineer III / Team Lead
-
ESET Full Disk Encryption Status per computer per drive
JPritchard replied to PhilAffirmIT's topic in ESET PROTECT
-
EFDE and EEE both slow down the disk speed dramatically.
JPritchard replied to PAACIT-Richard's topic in Encryption
Hello Richard, While I cannot comment on the development plans for the encryption products, I would like to offer my team's help to investigate this issue. In your previous post you said, If your users are noticing a considerable performance impact performing the actions above, then please can you submit a support case and request that the case is escalated to HQ so my team can investigate the issue? Please note that due to the nature of the problem, we will ask you to perform and record your findings doing various tasks on a system that has already experienced performance related issues. These tasks will need to be completed while the computer is encrypted and then again while not encrypted. This will help paint a clear picture of the scope of the issue. I'd like to add a little more background information. Using software-based Full Disk Encryption will always have a performance overhead. This is true of all encryption vendors, not just ESET. How much of a performance impact can vary from system to system, as there are multiple factors involved. However, we expect that a computer used in a "normal" office setting will operate with little to no discernible difference to the user after Full Disk Encryption has been completed (we expect performance to be more highly impacted while encryption is in progress, but this impact will subside after encryption has completed). However, depending on the nature of the work the user does, they may notice more of an impact, such as using 3-D rendering software or during video editing and rendering. Perhaps this ties in with your statement here: Could it be the user is experiencing a performance impact while encryption is currently in progress? Regardless, in instances where a user needs the best disk performance available, EEE/EFDE supports OPAL 2.0 self-encrypting drives. This hardware-level encryption has no performance impact at all to the drive. Have you explored this with your customers as a solution to their concerns? Please let me know if you submit a support case, as I want to be personally involved in the investigation. All the best, Jay Pritchard Technical Support Engineer III / Tier 3 Encryption Support Team Lead -
Good afternoon, Based on your description of the problem, I recommend you contact ESET support for further assistance. Please include any details of how you performed the SQL backup & restore, so we have a clear understanding of what steps you have taken so far. Thanks Jay Prichard
-
NobelDwarf reacted to a post in a topic: ESET Full Disk Encryption Recovery Passwords
-
Hello, As far as I know, it is not possible to remove recovery passwords from the ESET Protect console. I suspect the computer in question has been decrypted and re-encrypted several times. Each time you encrypt a computer (even if it's the same computer) a Workstation ID is generated. This is likely why you're seeing three recovery passwords, but each have different Workstation ID's. When reseting a User's password in this manner, always match the index number and the Workstation ID with what the User see's on their computer in the recovery screen. Kind regards, Jay Pritchard Encryption Technical Support Engineer III / Team Lead
-
Mauricio Osorio reacted to a post in a topic: ESET Endpoint Encryption - How to disable password encryption
-
ESET Endpoint Encryption - How to disable password encryption
JPritchard replied to Mauricio Osorio's topic in Encryption
Hello Mauricio, Thank you for clarifying that the user is managed by an EEES. I think you need to adjust the Group Policy in your EEES to prevent Users from encrypting data with passwords. This will force them to use encryption keys instead, which are backed up on the EEES itself. This avoids the situation of forgetting passwords entirely. Please see my attached image, as this shows the specific Group Policy setting that you need to change. After changing the setting, don't forget to post a key-file update out to the affected Users to push the new settings to their computers. For more information on this process, please see: KB7408 - ESET Endpoint Encryption Server group policy settings As for pre-existing data encrypted with passwords, it would be best to decrypt and then re-encrypt the data using a key instead. Please let me know if you have any further questions. Jay Pritchard Technical Support Engineer III / Encryption Support Team Lead -
Mauricio Osorio reacted to a post in a topic: ESET Endpoint Encryption - How to disable password encryption
-
ESET Endpoint Encryption - How to disable password encryption
JPritchard replied to Mauricio Osorio's topic in Encryption
Hello Mauricio, Is the User's ESET Endpoint Encryption client (EEE) managed by an ESET Endpoint Encryption Server (EEES)? If so, the encryption keys and recovery data are available in the EEES for the Administrator to decrypt and access the computer and data if necessary. However, if the User has a standalone version of EEE installed, then only they know their key-file password and FDE Admin credentials. You may wish to discuss with them sharing these details, however this creates a security risk of sharing important passwords. If they are using a standalone version of EEE, then you may want to encourage the User to create a key-file backup and create a backup of their FDE Admin password file ('adminpassword.html'). This file will have been generated at the time they originally performed FDE on their computer. This file is most likely stored on a USB device already. For more details, see: KB7571 - Back up Key-File in ESET Endpoint Encryption As a side note, it is possible to 'adopt' standalone clients into an EEES, so perhaps consider upgrading/purchasing an EEES to provide the means of recovery in such cases. I hope this helps! Jay Pritchard Technical Support Engineer III / Encryption Support Team Lead -
Kstainton reacted to a post in a topic: Use existing Secure Data Virtual Drive after windows reset
-
Hello, Unfortunately the encryption key tied to your Virtual Drive will have been lost in the Windows reset. Without the key, it is not possible to automatically mount the Virtual Drive, this is why you must enter the password manually each time. I recommend creating a new Virtual Drive and copying/moving all contents from the old one to the new one. This will allow you to automatically mount the Virtual Driveas desired. Best regards, Jay Pritchard Encryption Technical Support Engineer III / Team Lead
-
Hi Brian I have run a test in a virtual environment this morning and I did not encounter any issues installing the afforementioned update on an encrypted virtual machine. In my attached screenshots, you can see I installed the same Insider Preview 22593.1 (ni_release) update: I did nothing special, I simply installed Windows 11 from scratch, installed EEE v5.1.1.14, performed FDE using the TPM in PIN mode, joined the Windows Insider Program (on the beta branch) and then checked for updates to allow the computer to download and install the update. During the update, the computer rebooted several times which required me to enter my pre-boot credentials (PIN code), but the actual update was successful and I could sign into Windows as normal. My second screenshot shows the update was successfully installed and shows the build number: If you can reproduce the issue, then please let me know the exact steps you have taken and I'll try again 🙂 And if you do manage to reproduce the issue, then there might be some log files that will help us identify what environmental variables are involved to help us reproduce the issue. Best regards, Jay Pritchard Encryption Technical Support Engineer III / Team Lead
-
Hello, This is a rather tricky problem to guide you through on a forum. For this reason you may want to reach out to ESET support for further help. If you want to continue this discussion here, then we need to first reset the file associations. As you have made manual adjustments to the file associatations in the registry, you may want to re-install Windows again to reset these file association settings. I'm afraid that re-installing ESSP doesn't reset the Secure Data file associations and as you have only recently installed Windows from scratch, I am hopeful that it won't be a complicated process to do this again. After re-installing Windows, install ESSP and enable the Secure Data module. From this stage, I would like to know exactly what happens when attempting to open your Virtual Disk. Does it prompt for the Virtual Disk password?
-
Hello, ESET Smart Security Premium requires you to specify a password when encrypting data. Please can you give me more information about the encrypted file in question. Is it a Virtual Disk file? Or something else? Do you know the password for the file you are attempting to access? Specifically what happens when you attempt to open the encrypted file?
-
Hello @Pavilions! I deeply apologize for the delay in responding to you. I'm afraid it's not currently possible to force the encrypted folder to prompt for a password each time you access the directory when using ESET Smart Security Premium. As an alternative solution you may be interested by ESET Endpoint Encryption, as this has more functionality with how it handles encrypted data. For example, all granular encrypted data can be quickly protected by logging out of the software's "key-file". This prevents anyone from accessing the encrypted data until you enter the key-file password to regain access. I hope this helps you.
-
Hello, EFDE does not utilize/manage Bitlocker. EFDE performs the encryption itself and is managed by ESET Protect. Let me know if you have any further questions