Windows User context and ESET Endpoint Encryption

Access based on sessions

When you type your Key-File password, it enables access to encrypted containers. The containers are encrypted using the available keys, for example, Virtual Disks and Encrypted Removable Media.

If another user logs in to Windows simultaneously as the original user (you), they will have limited access to the same containers.

•The another user will have denied access to removable media

•The another user will have read-only access to virtual disks

Access based on users

After certain software is launched from within a user´s session, the software may elevate itself when under the System user account. If this happens, then encryption keys will be unavailable to that software´s process, and access to the containers will be denied.

•Another user is attempting to access the encrypted data across the network

•The user has elevated software by using the Run as administrator option and is being denied access to the encrypted containers from the software

•Software is running under a different user context within the user´s session, for example, backup software that runs under the System user account, possibly as a Windows Service

This does not apply to Full Disk Encryption of system disks. If you want to use backup software with an encrypted system disk, ensure restoration has been tested using the solution before deploying to a live environment.

In most instances, a file-style sync backup of data from full disk encrypted systems would be the best for scheduled backups. Backups performed at a file level are more likely to run as the user instead of the system. Users will also have access to encrypted storage if required.

Use the command line tool to mount a virtual disk globally so all system users can access its contents.