Symantec Drive Encryption is a feature that encrypts your entire hard drive or partition, including your boot record, thus protecting all your files when you are not using them. You can use Symantec Drive Encryption and PGP Virtual Disk volumes on the same system.
- It takes approximately four hours to encrypt a 250 GB drive, and another four hours to decrypt it - this only happens once, when you first set up disk encryption.
- ITS-managed Windows 10 devices have BitLocker disk encryption activated by default, and you should therefore NOT activate PGP disk encryption on the same device. You can utilise the other encryption features of PGP on a Windows 10 device.
To encrypt an entire disk:
- Open Symantec Encryption Desktop and in the left column, select PGP Disk.
- Select Encrypt Whole Disk or Partition. Choose the disk and partition you want to encrypt
- Select New Passphrase User.
- Select “Use Windows Password”, then “Proceed with passphrase authentication only”
- Follow the steps to add an ADS user. Since Use Windows logon is the only option for boot partitions, your passphrase must match the ADS passphrase.
- Select Encrypt.
Once you've encrypted the disk and rebooted, a desktop Encryption login will appear just after the PC loads and before the operating system can load. The person(s) listed in the User Access field will then be able to log in. The passphrase will serve as a single sign-on and will also authenticate to ADS.