|
|
|
|
|
|
Policy Name
|
Description
|
Value Range and Default
|
|---|---|---|
|
Allow Secure Delete
|
Specify whether to allow the user to delete files.
|
Yes, No
Default: Yes
|
|
Disable Optical Drive
|
Disable access to CD or DVD drives.
|
Yes, No
Default: No
|
|
Encryption Key Used
|
|
User Key, Group Key, Enterprise Key
Default: Group Key
|
|
Encryption Method Allowed
|
Choose which allowable ways to encrypt files are allowed:
|
User’s Unique Key, Group Unique Key, Encrypt With Static Password, Encrypt With Certificate
Default: All
|
|
Fully Encrypt Device
|
Specify whether all files/folders on removable media are encrypted.
|
Yes, No
Default: No
|
|
Allow USB Devices
|
Specify permitted USB devices.
|
Any, KeyArmor
Default: Any
|
|
Disable USB Drive
|
Disable the USB drive when not logged in, always disable, and never disable drive.
|
Always, Logged Out, Never
Default: Logged Out
|
|
Folders to Encrypt on Removable Media
|
The drive letter is given and the policy value corresponds to a valid removable media
device.
Non-existent folders are created. If no drive letter is given then all removable media
devices
attached to the device at login will use the policy values.
|
1-255 characters
Default: N/A
|
|
Specify Folders to Encrypt
|
List the folders that will be encrypted on the hard drive. Non-existent folders are
created. A
valid drive letter to the hard drive must also be supplied. A valid policy value is:
C:\EncryptedFolder.
|
1-255 characters
Default: %DESKTOP%\Encrypted Files
|