Jump to content

Endpoint Encryption and mobile devices


Ufoto
 Share

Go to solution Solved by Kstainton,

Recommended Posts

Hello,

We have a pretty basic Endpoint Encryption setup where users are asked to encrypt their USB removable storage devices. Recently we noticed that when a phone is plugged in and its file system shown in Windows, nothing happens. Is this expected behavior? I know that mobile phones are detected as Windows Portable Devices rather than Removable Storage Devices, and encrypting the entire drive might not be recommended, but at least 'File' encryption where only a part of the drive is encrypted should be possible. 

My question is, are mobile devices eligible for encryption and our configuration is simply not properly set up. Or is the product supposed to target only removable storage devices such as memory sticks and portable hard drives?

Thank you in advance!

Link to comment
Share on other sites

  • ESET Staff
  • Solution
Posted (edited)

Hi @Ufoto,

You cannot use Removable Media Encryption to Encrypt a Mobiles Phones File System. Even if you managed it, the phone would no longer function as it wouldn't be able to read its own data due to the Encryption.

RME only offers to Encrypt drives that have volumes and a drive letter.

Thank you,

Kieran

Edited by Kstainton
Link to comment
Share on other sites

Thank you for the confirmation. I was aware about encrypting the whole storage area, however I was unsure about 'File' encryption. 

Link to comment
Share on other sites

  • ESET Staff

Hi @Ufoto

File Encryption is also not possible, the way I should have put it is that Removable Media Encryption, whether it be FDE or File is not possible on a Mobile Device.

Thank you.

Link to comment
Share on other sites

Apologies for the unrelated question, but is it possible to make the Mobile Devices read-only using the Endpoint Encryption solution? This would be a workaround in our scenario.

Thank you again!

Link to comment
Share on other sites

  • ESET Staff
Posted (edited)
17 hours ago, Ufoto said:

Apologies for the unrelated question, but is it possible to make the Mobile Devices read-only using the Endpoint Encryption solution? This would be a workaround in our scenario.

Thank you again!

Hi @Ufoto,

The EEE Server / EEE Client, cannot do this directly at the moment, we may look into this for a future addition to our software.

The reason why it cannot do it at the moment is because RME uses a File System Filter Driver so it works with devices that expose a file system. Mobile Devices do not provide a file system, they use Windows Portable Devicewhich I can see from your previous messages you have a complete understanding of.

I am afraid at this time you will need to setup Read/Write permissions using your GPO for WPD devices. I do apologize if this causes any inconvenience. 

Thank you.

Kieran

Edited by Kstainton
Link to comment
Share on other sites

1 hour ago, Kstainton said:

Hi @Ufoto,

The EEE Server / EEE Client, cannot do this directly at the moment, we may look into this for a future addition to our software.

The reason why it cannot do it at the moment is because RME uses a File System Filter Driver so it works with devices that expose a file system. Mobile Devices do not provide a file system, they use Windows Portable Devicewhich I can see from your previous messages you have a complete understanding of.

I am afraid at this time you will need to setup Read/Write permissions using your GPO for WPD devices. I do apologize if this causes any inconvenience. 

Thank you.

Kieran

Hi Kstainton,

 

Thank you for the comprehensive answer. I understand now.

 

Have a great day ahead!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...