Migrating from TrueCrypt to Symantec Drive Encryption: Creating Encrypted Portable Containers (PGP Virtual Disks)

book

Article ID: 181906

calendar_today

Updated On:

Products

Drive Encryption

Issue/Introduction

 

Resolution

This article describes how to migrate from TrueCrypt to Symantec Drive Encryption, and provides instructions on how to create a small virtual disk that can be shared with other users of Symantec Drive Encryption for Windows or Mac OS X. This portable virtual disk can also be shared in the cloud (such as via Dropbox).

File container encrypted by TrueCrypt

  1. Decrypt the system drive in TrueCrypt. (To do this, open the System menu in TrueCrypt and select Permanently Decrypt System Drive.)
  2. Uninstall TrueCrypt.

    NOTE: It is not necessary to uninstall TrueCrypt if you do not plan to encrypt your system disk.
     
  3. Install Symantec Drive Encryption and complete the setup assistant. For more information, refer to the following two knowledgebase articles:
     
  4. After you have successfully installed and configured Symantec Drive Encryption, start the application using any of the following methods:
     
    • Double-click the PGP Tray icon.
    • Right-click the PGP Tray icon and then select Open Symantec Encryption Desktop.
    • From the Start menu, select Programs > Symantec Encryption > Symantec Encryption Desktop.
       

Create a PGP Virtual Disk

  1. Create a PGP virtual disk volume using the following steps by clicking New Virtual Disk in the PGP Disk Control box.
  2. Type a Name for the volume.
  3. Specify a Disk File Location for the volume.
  4. To specify your mount preferences, do the following:

    • Select a drive letter for the volume to Mount as.
    • Select Mount at Startup to have your new volume mount automatically at startup.
    • Select Unmount when inactive for x mins to have the volume automatically unmount when it has been inactive for the specified number of minutes.
       
  5. From Capacity, select Dynamic (resizeable) if you want the volume to grow in size as you add files or Fixed size if you want the volume to always remain the same size.
  6. Specify a file system Format for the volume.
  7. Specify an Encryption algorithm for the volume.
  8. Click Add User Key to add users who authenticate using public-key cryptography or click New Passphrase User to add users who authenticate using passphrases.
  9. Click Create.
  10. Copy the files on the mounted and decrypted file container.
  11. Use the User Access section to control existing users of a PGP Virtual Disk volume:

    • Click Add User Key to add users who authenticate using public-key cryptography.
    • Click New Passphrase User to add users who authenticate using passphrases.
    • Select a user, then click Make Admin to give the user administrative rights.
       
  12. Unmount the PGP Virtual Disk. To do this, do one of the following:

    • Click the PGP Disk control box on the left pane of the Symantec Encryption Desktop main screen, select the volume you want to unmount, and select Disk > Unmount.
    • In Windows Explorer, right-click on the PGP Virtual Disk file, then select Symantec Encryption Desktop > Unmount Disk from the shortcut menu.
       
  13. Locate the file on your local system. Copy the fle (with the .pgd file extension) and give it to the other users with whom you want to share it.

    • Be sure these users also have Symantec Encryption Desktop for Windows or Mac installed, and that they have access to the passphrase or their private key (if the PGP Virtual Disk was encrypted to their public key).
    • If sharing the virtual container via the cloud, such as Dropbox, upload the file just as you would any file.


For more information:

Symantec Drive Encryption best practice http://www.symantec.com/business/support/index?page=content&id=TECH149543

Quick start guidehttp://www.symantec.com/business/support/index?page=content&id=DOC6208