How can I Recover Files Encrypted with Symantec Removable Media Encryption (RME)?

book

Article ID: 222692

calendar_today

Updated On:

Products

Endpoint Encryption

Issue/Introduction

Symantec Endpoint Encryption Removable Media Encryption (RME) uses the highest levels of encryption algorithms available for encryption of removable devices such as USB drives, DVDs or Blu-ray disks.  The advantage of using this product is that you can copy data to devices and ensure the data is encrypted and secured.

If I have encrypted files and forget the password, can I recover? 

 

This article will discuss how you can access encrypted files even if you have forgotten the password for RME.

 

For Symantec RME FAQs and General information, see the following article:

222689 - Symantec Removable Media Encryption FAQs - General Information

Resolution

SEE RME has recovery available and if this has been configured, the SEE Administrator can help you decrypt files.  

 

For example, consider the following.  A drive plugged in "F:" has encrypted files on it:

Inside the drive, you'll see a few files and folders.  The "Encrypted" folder is where encrypted content may be:

 

Upon opening the Folder, you'll see the padlock icon over the files, indicating the files are encrypted:

If you have SEE RME installed, and you double-click the file, normally you'll be prompted for the passphrase to unlock the files:

 

If you know the passphrase, enter it in and you'll have access.  If you do not, and you need to recover, we need to get these files to the administrator.  There are two methods for doing so.

 

 

Method 1: Email the encrypted files you need recovered

The first step to get these files to the admin to help recover is to check the box "Do not show this dialog box for the next 60 seconds", and then click "Dismiss":

This will put the SEE RME client into a mode where you can start to copy files.  Because these files are encrypted, the SEE RME client uses its own specialized copy mechanism to ensure the files are copied safely.

For example, if you have a few files you need to email, there is an option to "Attach encrypted files to email".

 

Simply right-click the files you wish to attach, select the Symantec Encryption context menu, and then select the option listed for email:

 

 

Once you select this option, the selected files should be automatically attached to the email.

Next, email this file and the administrator will be able to decrypt them with the recovery certificate.

 

 

Method 2: Copy files you need to recover to another location for the administrator

If you wish to copy the files rather than email, you can do so using the next method.

First, select the files you wish to copy, then the Symantec Encryption context menu, then "Copy encrypted files":

As mentioned, because these files are encrypted, the copy/paste functionality has built-in capabilities to do so securely and does not use the Windows clipboard to do so. 
This is why you need to use the context menu to do this operation. 

Determine the location you wish to paste the files, and right-click, then Symantec Encryption, then "Paste".

Notice the windows "Paste" option is grayed out.  This is because the Windows clipboard feature is not used, and instead, a more secure method is used to copy the files:

The administrator then retrieves the files where they were copied, decrypts them, and provides them back in decrypted form.

 

For more information on SEE RME, see the following article:

222689 - Symantec Removable Media Encryption FAQs - General Information

Attachments