Prior to starting full disk encryption, you are advised to make sure that the computer is not infected. To do so, start the Full Scan or Critical Areas Scan task. Performing full disk encryption on a computer that is infected by a rootkit may cause the computer to become inoperable.
To perform full disk encryption using Kaspersky Disk Encryption technology:
Kaspersky Disk Encryption technology cannot be used if the computer has hard drives that were encrypted by BitLocker.
If the computer has several operating systems installed, after encrypting all hard drives you will be able to load only the operating system that has the application installed.
If you need to exclude some of the hard drives from encryption, create a list of such hard drives.
If you are applying encryption on a drive that is already in use, it is recommended to encrypt the entire drive. This ensures that all data is protected – even deleted data that might still contain retrievable information. The Encrypt used disk space only function is recommended for new drives that have not been previously used.
If a device was previously encrypted using the Encrypt used disk space only function, after applying a policy in Encrypt all hard drives mode, sectors that are not occupied by files will still not be encrypted.
Legacy USB Support is a BIOS/UEFI function that allows you to use USB devices (such as a security token) during the computer's boot phase before starting the operating system (BIOS mode). Legacy USB Support does not affect support for USB devices after the operating system is started.
When the Legacy USB Support function is enabled, the Authentication Agent in BIOS mode does not support working with tokens via USB. It is recommended to use this option only when there is a hardware compatibility issue and only for those computers on which the problem occurred.