search cancel

Endpoint Encryption Removable Media Encryption encrypts files copied to Virtual Hard Disk


Article ID: 175848


Updated On:


Endpoint Encryption


VHD (Virtual Hard Disk) files can be either mapped to drive letters or mounted as local folders in Windows.

When a VHD is mounted as a local folder, Endpoint Encryption Removable Media Encryption will not automatically copy the Removable Media Access Utility to the folder. However, it will encrypt files copied to the VHD folder. The lock icon does not appear next to files copied to the VHD folder so they do not appear to be encrypted.

When a VHD is mapped to a drive letter, the Removable Media Access Utility is copied to the VHD drive and files copied to the drive are encrypted. The lock icon does appear next to the copied files.

A VHD located on a network share can be mounted as a local folder and used to store roaming Outlook OST cache files in a VDI environment. Encrypting the files results in significant performance degradation, making the VHD unsuitable for this purpose.

It is not possible to prevent files copied to VHD from being encrypted.


Symantec Endpoint Encryption Removable Media Encryption 11.0 and above.


Physical disks can be added to the Device Exclusions list of Endpoint Encryption Removable Media Encryption. See article tech254412 for details. However, this is not possible with VHD drives because they are missing the Vendor ID and Product ID attributes.

Therefore the only way of avoiding this issue is either to avoid using VHD drives or not to install Endpoint Encryption Removable Media Encryption.

Symantec Corporation is committed to product quality and satisfied customers. This issue is currently being considered by Symantec Corporation to be addressed in a forthcoming version or Maintenance Pack of the product. Please be sure to refer back to this document periodically as any changes to the status of the issue will be reflected here.