Users cannot open files copied or moved from a folder protected by File Share Encryption

book

Article ID: 169585

calendar_today

Updated On:

Products

Encryption Management Server File Share Encryption Powered by PGP Technology

Issue/Introduction

If a file in a folder protected by File Share Encryption is copied or moved to an unprotected folder, the file remains encrypted.

Users without the decryption key will not be able to open the file, even though it is in an unprotected folder.

Cause

This is by design.

Environment

  • Encryption Desktop File Share encryption 10.3 and above managed by Encryption Management Server 3.3 and above.
  • Group Keys enabled.

Resolution

The following will occur when a file is copied or moved from a folder protected by File Share encryption to a folder that is not protected by File Share:

  • If the file is copied or moved the file stays encrypted. This applies whether Windows Explorer or the command line is used.
  • If the file is copied using the command line but the destination is given a differerent file name, the file is automatically unencrypted.
  • If the file is copied using Windows Explorer but an unprotected file with the same name exists in the destination folder and the option to Copy, but keep both files is chosen, the file is automatically unencrypted.
  • If the file is moved using Windows Explorer but an unprotected file with the same name exists in the destination folder and the option to Move, but keep both files is chosen, the file remains encrypted.
  • If a protected file is attached to an email message, the file is decrypted automatically when sent.

One of the policy options for File Share is to specify folders in which files will not be encrypted:
Prevent the encryption of files in the following folders

If a protected file is copied or moved to such a "blacklisted" folder, it is automatically decrypted.