Using PGP WDE for External Drives


Article ID: 156002


Updated On:


Symantec Products


How to use Use PGP WDE for External Drives


External Disk(s) - Recovery options after losing Passphrase :


Encryption of external media using managed PGP Desktop generates a recovery token for each external device allowing Administrator to recover from a lost passphrase.  PGP Universal Server assigns a unique token to each device. Users having multiple devices should keep a note of the sizes and manufacturers for each of their external devices in order to distinguish the correct recovery token(s) from PGP Universal Server.
Before Encrypting an External Disk
  1. Disconnect the encrypted external devices in safe manner and care should be taken particularly while the drive is being encrypted or decrypted. Avoiding this may result in an unrecoverable data loss.
  2. The encrypted external drives are only decrypted on computers with PGP Desktop installed. Computers without PGP Desktop installed will be unable to read the encrypted drive and may request that the user reformat the disk.
  3. Have a valid backup of External device because a hardware failure may result in an unrecoverable data loss.
  4. Encryption process takes considerable time depending on the size of data, size of disk, partitions etc. so you need to Plan carefully to allow enough time for encryption. It make take several hours to encrypt large external drives, depending on processor and bus speed.


Steps to Encrypt an External Drive (Policy applied on PGP Universal Server)

  1. Open PGP Desktop.
  2. See the PGP Disk Control box in the lower left click PGP Disk OR Go to View menu and click Encrypt Whole Disk.
  3. Select the drive you wish to encrypt.
  4. Select Add User Key...
  5. Click on My Private Keys and select the appropriate key in the Key Source window and click Add.
  6. Click OK.
  7. Click Encrypt in the upper right-hand corner.
  8. Yes to confirm.
  9. Enter the PassPhrase click OK this will start the encryption.
Note: The PassPhrase you enter should be matching the PassPhrase you entered for user enrollment. After the drive is encrypted the PGP Desktop icon in the system tray turns to lock.
Mac OS X
  1. In PGP Menu The top right of the screen near clock, select Open PGP Desktop.
  2. Click on PGP Disk.
  3. Click the Encrypt a Disk button.
  4. Click on drive to encrypt and click Continue.
  5. Select the option to Encrypt with a Passphrase.
  6. Then enter your passphrase, click Continue.
  7. click Encrypt after the confirmation.
  8. The progress bar will show you the encryption status.



Applies To

PGP Universal Server with Consumer Policy to encrypt the external devices.

Managed PGP Desktop
In PGP Whole Disk Encryption we can enable the encryption of external drives/media (USB keys, External Hard Drives, etc.) if the policy is enabled on PGP Universal Server.