PGP Desktop 10.1 for Windows includes the following new features:
- The SafeNet 330 smart card has been added for both pre- and post-boot authentication.
- Improvements have been made to annotations. In a PGP Universal Server-managed environment, your
administrator can now specify where the email annotation will be, such as end of message rather than
wrapped around the message.
- Improvements have been made to the Encrypt and Sign buttons for Microsoft Outlook (MAPI) email. In
addition, your administrator may have specified the default states for the Encrypt and Sign buttons, if
they are enabled. You can choose to override the default state specified by your administrator by
toggling the buttons.
- You can now protect sent message copies for IMAP accounts (available for standalone installations
only) to provide additional security so you can protect sensitive emails that you have sent using your
IMAP account. Choose to Encrypt, Encrypt and Sign, or Sign Only messages as they are copied to
your IMAP Sent Items mailbox.
- In a managed environment, your PGP Universal Server administrator can set policy to enable you to
decide if you want to perform signature verification on email messages. If enabled, a new button and/or
menu option appears in your Microsoft Outlook or Lotus Notes email client. The button or option will be
in the default state set by your administrator but you can choose to override this setting.
- In a managed environment, your PGP Universal Server administrator may have specified certain PGP
Notifier settings (for example, whether notifications are to be displayed or the location of the notifier).
- X.509 certificates included in an S/MIME email message sent to you can now be imported to your key
ring. The same settings you have specified when public keys are found apply to these certificates. If
specified, PGP Desktop extracts and then imports the X.509 certificate to your keyring. If you want to
encrypt email using imported certificates, be sure to manually sign the certificate.
- In a managed environment, your PGP Universal Server administrator may have specified a setting so
that additional information is included in the Non-Delivery Receipt when a message is blocked. If PGP
Desktop is unable to find a key for one or more of the recipients in a group list, the email addresses are
listed in the Error Details of the Non-Delivery Receipt.
- Improvements made to PGP NetShare so that when blacklists have been defined by the PGP Universal
Server administrator, wildcard characters are now supported as well as blacklists are honored when
PGP Tray is unavailable. In addition, invalid blacklist entries are skipped.
- A new column is now displayed in the Access List section to display the user's User type (role).
- The PGP NetShare command line is now available able to run in standalone mode, so you can perform
PGP NetShare-related tasks on servers and other file stores without the PGP NetShare client installed
on the system. For more information, refer to the PGP NetShare Command Line User's Guide.
- You can now require that the user of the PGP Portable Disk change the passphrase on first use (the first
time the user inserts the device into the system. This option is useful if you plan to create several PGP
Portable Disks to be handed out, such as at a conference or trade show.
- A link for More Info is now available on the PGP Portable dialog box displayed when you access data
on the device. Your browser launches and the PGP Corporation Support site page is displayed.
- You can now view available disk space and total size of the PGP Portable Disk once the disk has been
mounted. When you move your cursor over the task bar item for a few seconds, the PGP Notifier
message appears and displays the mount status of the PGP Portable Disk as well as the updated disk
PGP Remote Disable & Destroy (PGP RDD)
- PGP Remote Disable & Destroy utilizing IntelR Anti-Theft Technology addresses the need to keep data
secure in mobile environments, and comply with increasingly stringent regulations in data security and
privacy. With PGP RDD, your PGP Universal Server administrator can remotely disable your laptop,
and/or disable access to data if the laptop is lost or stolen and perform secure decommission of laptops.
PGP Whole Disk Encryption
- If your Microsoft Windows system supports the IntelR Advanced Encryption Standard (AES) Instructions
(AES-NI), your system is encrypted and decrypted using the hardware associated with this encryption
algorithm. AES-NI provides improved performance during encryption and decryption processes as well
as disk I/O enhancements while your disk is encrypted.
- Enhancement to force the encryption of boot drives, by policy. This includes forcing encryption if policy
changed (for example, you previously did not have to encrypt boot drives, and your administrator
modified policy to require encryption).
- In the Advanced screen of PGP BootGuard on Windows systems, the name of your system is now
displayed. This information can be useful to your help desk if you need to use the Whole Disk Recovery
Token in case you have forgotten your passphrase.
- Enhancements have been made to PGP BootGuard so you can use a virtual keyboard on your Tablet
PC to enter your passphrase and authenticate at the PGP BootGuard screen. If you have docked your
system or have an external keyboard connected directly to your system, you can also use that keyboard
to authenticate. Refer to the system requirements for supported Tablet PCs.
- Enhancements made to PGP Desktop for Windows to add full support for USB 2.0 and EHCI controllers
in PGP BootGuard. This enhancement adds support for smart card readers and tokens on new laptops
based on the new Intel chipset.