Symantec Encryption Desktop allows Self-Decrypting Archives to be created despite being disabled in Consumer Policy
search cancel

Symantec Encryption Desktop allows Self-Decrypting Archives to be created despite being disabled in Consumer Policy

book

Article ID: 162961

calendar_today

Updated On:

Products

Desktop Email Encryption Drive Encryption Encryption Management Server File Share Encryption Powered by PGP Technology PGP Command Line PGP Encryption Suite PGP Key Management Server PGP Key Mgmt Client Access and CLI API PGP SDK File Share Encryption Endpoint Encryption Gateway Email Encryption

Issue/Introduction

One of the Symantec Encryption Desktop Consumer Policy settings in Symantec Encryption Management Server is the following:

Allow conventional encryption and self-decrypting archives

If users create Self-Decrypting archives, there is a risk that users may forget the password with no means of recovery and therefore some organizations will wish to disable this feature.

Although this policy prevents users from creating password-protected PGP Zip archives as intended, it does not prevent users from creating self-decrypting archives.

 

Resolution

This issue is resolved in Symantec Encryption Desktop 10.3.2 MP12. Beginning with this release, when the Allow conventional encryption and self-decrypting archives policy is disabled, users cannot create either password protected or self-decrypting PGP Zip archives.

Powered by Wolken Software