File Level Encryption on local computer drives

Support

Support for business applications

Kaspersky Endpoint Security 11 for Windows

Data Encryption

File Level Encryption on local computer drives

April 25, 2024

ID 57604

This component is available if Kaspersky Endpoint Security is installed on a computer that runs on Windows for workstations. This component is unavailable if Kaspersky Endpoint Security is installed on a computer that runs on Windows for servers.

File encryption has the following special features:

Kaspersky Endpoint Security encrypts / decrypts files in predefined folders only for local user profiles of the operating system. Kaspersky Endpoint Security does not encrypt or decrypt files in predefined folders of roaming user profiles, mandatory user profiles, temporary user profiles, or redirected folders.
Kaspersky Endpoint Security does not encrypt files whose modification could harm the operating system and installed applications. For example, the following files and folders with all nested folders are on the list of encryption exclusions:
- %WINDIR%;
- %PROGRAMFILES% and %PROGRAMFILES(X86)%;
- Windows registry files.
The list of encryption exclusions cannot be viewed or edited. While files and folders on the list of encryption exclusions can be added to the encryption list, they will not be encrypted during file encryption.

In this section

Encrypting files on local computer drives

Forming encrypted file access rules for applications

Encrypting files that are created or modified by specific applications

Generating a decryption rule

Decrypting files on local computer drives

Creating encrypted packages

Restoring access to encrypted files

Restoring access to encrypted data after operating system failure

Editing templates of encrypted file access messages