Encryption of removable drives

This component is available if Kaspersky Endpoint Security is installed on a computer that runs on Windows for workstations. This component is unavailable if Kaspersky Endpoint Security is installed on a computer that runs on Windows for servers.

Kaspersky Endpoint Security supports encryption of files in FAT32 and NTFS file systems. If a removable drive with an unsupported file system is connected to the computer, the encryption task for this removable drive ends with an error and Kaspersky Endpoint Security assigns the read-only status to the removable drive.

To protect data on removable drives, you can use the following types of encryption:

During encryption, Kaspersky Endpoint Security creates a master key. Kaspersky Endpoint Security saves the master key in the following repositories:

After encryption is complete, the data on the removable drive can be accessed within the corporate network as if was on an ordinary unencrypted removable drive.

Accessing encrypted data

When a removable drive with encrypted data is connected, Kaspersky Endpoint Security performs the following actions:

  1. Checks for a master key in the local storage on the user's computer.

    If the master key is found, the user gains access to the data on the removable drive.

    If the master key is not found, Kaspersky Endpoint Security performs the following actions:

    1. Sends a request to Kaspersky Security Center.

      After receiving the request, Kaspersky Security Center sends a response that contains the master key.

    2. Kaspersky Endpoint Security saves the master key in the local storage on the user's computer for subsequent operations with the encrypted removable drive.
  2. Decrypts the data.

Special features of removable drive encryption

Encryption of removable drives has the following special features:

In this section

Starting encryption of removable drives

Adding an encryption rule for removable drives

Exporting and importing a list of encryption rules for removable drives

Portable mode for accessing encrypted files on removable drives

Decryption of removable drives

Page top