search cancel

Symantec Encryption Desktop allows Self-Decrypting Archives to be created despite being disabled in Consumer Policy


Article ID: 162961


Updated On:


Desktop Email Encryption Drive Encryption Encryption Management Server File Share Encryption Powered by PGP Technology


One of the Symantec Encryption Desktop Consumer Policy settings in Symantec Encryption Management Server is the following:

Allow conventional encryption and self-decrypting archives

If users create Self-Decrypting archives, there is a risk that users may forget the password with no means of recovery and therefore some organizations will wish to disable this feature.

Although this policy prevents users from creating password-protected PGP Zip archives as intended, it does not prevent users from creating self-decrypting archives.



This issue is resolved in Symantec Encryption Desktop 10.3.2 MP12. Beginning with this release, when the Allow conventional encryption and self-decrypting archives policy is disabled, users cannot create either password protected or self-decrypting PGP Zip archives.