Endpoint Encryption

 View Only
  • 1.  SEE 8.2 registry entry for encryption status?

    Posted Jan 10, 2012 10:26 AM

    Our company is upgrading from Guardian Edge 9.5.3 SP3 to SEE 8.2. When Guardian Edge was installed, there was a registry entry that gave a encryption status of the machine. Located at HKEY_LOCAL_MACHINE\SOFTWARE\Encryption Anywhere\Hard Disk\EAFS\Disk0, it would give one of four statuses: StatusEncrypted, StatusDecrypted, EncryptionInProgress, DecryptionInProgress. With SEE 8.2, there doesn't seem to be an equivalent. Is there a key I'm missing somewhere that gives this information?



  • 2.  RE: SEE 8.2 registry entry for encryption status?

    Posted Jan 24, 2012 08:52 PM

    Same question.  Pointsec let us see the status in the registry.  I can't seem to find similar information from SEE.



  • 3.  RE: SEE 8.2 registry entry for encryption status?

    Posted Jan 26, 2012 06:30 PM

     @ Skersey -

    all the registry keys still exist in 8.2 and they still get populated under the _LOCAL_MACHINE\\SOFTWARE\\Encryption Anywhere\\Hard Disk\EAFS even with 8.2.

     You might have misread the underlying cause and attributed it to the software upgrade. If the permissions are not correctly set for Windows 7, another process cannot see these registry keys.

     Giving permissions on nested registry keys is rather painful in Windows 7 than it is on windows XP (you need to take ownership of registry key and propagate it before setting permissions etc)

     Here are the approximate steps needed to change registry permissions on Windows 7 (you should use this with a grain of salt). This is not an official method but will work. 

    1. Click Start -> run -> type regedit -> Registry Editor will open.
    2. Locate HKLM\SOFTWARE\Encryption Anywhere\Hard Disk\
    3. Right click on Hard Disk -> Permissions.
    4. Click on Advanced.
    5. Click on Owner tab.
    6. Select the currently logged  say userN (userN needs Windows admin privileges).
    7. Check the “Replace owner on subordinates and objects” check box.
    8. Click Apply.
    9. Click OK.
    10. Click on Permissions tab.
    11. Check the “Replace all child object permissions with inheritable  permissions from this object” check box.
    12. Click on Effective Permissions tab.
    13. Click on Select and select currently logged on userN.
    14. Make sure that all check boxes under Effective permissions are checked. If not, check them and click Apply.
    15. Click OK.
    16. Click on the currently logged on userN on the list of the users.
    17. Put check marks in the “Full Control,” “Read,” and “Special Permissions.”
    18. Click OK.
    19. Repeat steps 1 t0 18 for HKLM\SOFTWARE\Encryption Anywhere\Hard Disk\EAFS key