HOW TO: Use PGP Virtual Disks in PGP Desktop 9.5 for Macintosh

book

Article ID: 180136

calendar_today

Updated On:

Products

Symantec Products

Issue/Introduction

 

Resolution


This article explains how to create and use PGP Virtual Disks.


This article covers some of the basics required for using PGP Virtual Disks. More information on using PGP Virtual Disks is also found in the user guide.

 

PGP Virtual Disk Volumes

A PGP Virtual Disk is an area of space, on any disk connected to your computer, that is set aside and encrypted. PGP Virtual Disks are much like a bank vault, and are very useful for protecting sensitive files while the rest of your computer is unlocked for work.

PGP Virtual Disks were called PGP Disks in previous versions of PGP Desktop. The phrase PGP Disk now includes both the PGP Virtual Disk and the PGP Whole Disk Encryption features.

A PGP Virtual Disk looks and acts like an additional hard disk, although it is actually a single file that can reside on any of your computer disks. It provides storage space for your filesyou can even install applications, or save files to a PGP Virtual Diskbut it can also be locked at any time without affecting other parts of your computer. When you need to use the applications or files that are stored on a PGP Virtual Disk, you can unlock the disk and make the files accessible again.

PGP Virtual Disks are unlocked and locked by mounting and unmounting them from your computer. PGP Desktop helps manage this operation for you.

Although you specify a size for your PGP Virtual Disk, you can also create a dynamically-sizing disk, one that grows larger as needs require it. The size you specify when you are creating the disk is the maximum size the disk can become. When a PGP Virtual Disk is mounted, you can:

  • Move/copy files into or out of the mounted PGP Virtual Disk.
  • Save files to the mounted PGP Virtual Disk.
  • Install applications within the mounted PGP Virtual Disk.

Files and applications on a PGP Virtual Disk are stored encrypted. If your computer crashes while a PGP Virtual Disk is mounted, the contents remain safely encrypted.

When a PGP Virtual Disk is unmounted, it does not appear within Windows Explorer, and it is inaccessible to anyone without proper authentication.
 

 

How to Create a PGP Virtual Disk

  1. Open PGP Desktop.
  2. Click the PGP Disk item on the left pane, then in the main screen, click New PGP Virtual Disk. Alternatively, from the File menu, select New > PGP Virtual Disk.
  3. In the Maximum size field, type the amount of space that you want to reserve for the new PGP Virtual Disk. Use whole numbers, with no decimal places. You can also use the arrows to increase or decrease the number displayed in the field. Choose KB (Kilobytes), MB (Megabytes), or GB (Gigabytes) from the menu. Select the Create a dynamic PGP Disk (resizable) checkbox if you want PGP Desktop to manage the size of the new PGP Virtual Disk automatically. As you add or delete files, the disk size changes appropriately. Note: You can only select (or not select) the Automatically resize PGP Virtual Disk as necessary option when you are creating a PGP Virtual Disk. Once the disk is created, you can neither change a PGP Virtual Disk from a fixed disk to a resizable one, or vice-versa.
  4. Specify the type of account that you want to create for the primary user of this PGP Virtual Disk:

    Public key: If you want to protect your PGP Virtual Disk with your keypair, select Public Key.

    Passphrase user: If you want to protect your PGP Virtual Disk with a passphrase, select Passphrase.

     
  5. If you want to view or change the advanced options settings, select the Advanced Options checkbox. Note: The default Advance Options settings are appropriate for most users. Avoid changing these settings if you are unfamiliar with them.

    From the Cipher menu, select the encryption algorithm that you would like to use to protect your PGP Virtual Disk:

    AES-256 (256 bits)

    CAST5 (128-bits)

    From the Format menu, select the disk format that you would like to use with your PGP Virtual Disk:

    MS-DOS. Use if you intend to share this PGP Virtual Disk with someone using PGP Desktop 9.5 for Windows.

    Mac OS Extended. The default format (also the modern Mac OS file-system format); supports large PGP Virtual Disk volumes. The minimum size is 4 MB. The Mac OS Extended format is also called HFS+.

    Mac OS Extended (Journaled). Use if Journaling is enabled on your system. (Journaling causes a copy of everything written to disk to be written a second time in a private area of the filesystem, making disk recovery easier if necessary.)

    Mac OS Extended (Case-sensitive, Journaled). Use if case-sensitive Journaling is enabled on your system.

    Mac OS Standard. For backwards compatibility with older Mac OS operating systems. The minimum size is 512 KB.

    UNIX File System. Use if you intend to share this PGP Virtual Disk volume with someone using a UNIX file system. The minimum size is 128 KB You can see format of an existing Mac OS X drive by selecting the drive, then selecting Get Info from the File menu.
  6. Click Continue.
     
  7. The next step depends on whether you chose to have your primary user authenticate to the PGP Virtual Disk you are creating using a public key or a passphrase. If you chose public key access, the Select a Public Key to Secure Your PGP Disk screen appears, displaying the public keys you can use for authenticating to the PGP Virtual Disk that you are creating. Select a key from the list, then click Continue.

    If you chose passphrase, enter the name that you would like to assign as the primary PGP Virtual Disk user (or administrator).  Then enter and confirm a passphrase. Click Continue.
  8. Select a file name and location for the PGP Virtual Disk, then click Save.
  9. Review the information on the PGP Disk Creation Summary screen. When you are finished, click Create. The process is complete. The PGP Virtual Disk is created and mounted. It appears in a Finder window, as well as the PGP Desktop left panel.
  10. Click Finish. The process is complete. The PGP Virtual Disk is created and mounted. It appears in a Finder window, as well as the PGP Desktop left panel.

 

Mounting a PGP Disk Volume

When you create a new PGP Disk volume, it is automatically mounted so you can begin using it to store your files. When you are ready to secure the contents of the volume, you must unmount it. Once a volume is unmounted, its contents remain secured in an encrypted file where it is inaccessible until the volume is once again mounted. There are several ways to mount a PGP Disk volume:

 

  • On the Disk Properties screen for a PGP Disk, enable Mount at login. The PGP Disk will automatically mount at startup.
  • Select the PGP Disk you want to mount under the PGP Disk item, then select Disk > Mount.
  • Click the Mount icon on the Toolbar.
  • In the Finder, Ctrl-click the PGP Disk volume file, then select PGP --> Mount.

Mounted PGP Disk volumes appear as drives in the Finder.

 

Unmounting a PGP Disk Volume

You lock a PGP Virtual Disk by unmounting it. There are several ways to unmount a PGP Disk volume:

  • Select the PGP Disk you want to mount under the PGP Disk item, then select Disk > Unmount.
  • Click the Mount icon on the Toolbar.
  • In the Finder, Ctrl-click the PGP Disk volume file, then select PGP > Unmount.
  • Drag the icon of the mounted PGP Disk volume to the Trash icon.

Once a PGP Disk volume is unmounted, its contents are locked in the encrypted file associated with the volume. The contents of the volume are stored in the encrypted file and its contents remain inaccessible until the volume is once again mounted.


 

Caution: The Disk tab of Preferences > PGP Options has some settings for the PGP Virtual Disk feature. One option is Allow PGP Virtual Disks to unmount even while files are still open, while the other option is Unmount when computer goes to sleep.

While these options can be useful for advanced users who protect their data with regular data backups, they are not recommended for most users. If you choose the Unmount when computer goes to sleep option you might consider also selecting the Prevent sleep if disk(s) cannot be unmounted option as well. While that option may help reduce the chance of data loss, it is always better to save and close files properly before unmounting a disk.