ESET Online Help

Search
Select the category
Select the topic

Encryption

ESET Endpoint Encryption is a feature-rich data encryption utility that encrypts entire hard disks, removable media, folders, individual files, sections of text, emails and attachments. It can also be used to create virtual encrypted disks, encrypted file archives and securely delete data so that it cannot be retrieved.

Software license controls available features via an activation code. In a managed environment, the system's administrator via the ESET Endpoint Encryption Server software controls the users and features available to workstations.

Full Disk Encryption

The computer's hard drive capacity will be encrypted with Full Disk Encryption. It includes all the data and programs stored on it. When the initial process of encrypting the hard drive is completed, a user must log in to the computer with a password when it is first switched on, known as pre-boot authentication. The computer will operate as normal when logged on, with all data and programs available. However, you cannot access the computer without the login password. Therefore, Full Disk Encryption gives the best protection of data stored on a portable device. If the device was stolen, it would be unable to access the data without the correct password. If the hard disk was removed and used with another computer, the disk´s contents would remain encrypted and completely inaccessible.

For a quick guide see the Full Disk Encryption topic.

Folder Encryption

A folder, including any subfolder, is encrypted with Folder Encryption. Any new files or folders created within the folder will also be encrypted. If you drag-and-drop in a file or folder, it will be encrypted, and if you drag out a file or folder, it will be decrypted. Provided that you are logged into ESET Endpoint Encryption files within an encrypted folder will open and save as usual. If you are not logged into ESET Endpoint Encryption, the files within the folder will remain encrypted, and programs will not be able to access the files or recognize them, or the files will open but will show encrypted data.  ESET Endpoint Encryption can be set to hide all encrypted folders when not logged in, so they are invisible.

For a quick guide see the Folder encryption topic.

File Encryption

A single file is encrypted with File Encryption. You must decrypt it to enable access to the file. This method is often used to secure files while they are transferred by email, CD/DVD, memory card/stick etc.

For a quick guide see the File encryption topic.

Virtual Disks

ESET Endpoint Encryption can create an encrypted virtual disk drive. When the file is 'mounted' (accessed through ESET Endpoint Encryption), it will appear and function as an additional hard disk on your computer. As with folder encryption, any files and subfolders on the virtual drive will be encrypted, as will any files added to the virtual drive. Anything removed from the drive will be automatically decrypted.

For a quick guide see the Virtual disks topic.

Encrypted Archives

An encrypted archive is similar to a Zip file - it is a method of compressing data (one or more files or folders) to save hard disk space, but with the bonus that the data is encrypted. Again, as you add or remove files, they are automatically encrypted or decrypted. When the archive is opened, you can normally use the files within it.

For a quick guide see the Encrypted archives topic.

 

The different methods of encryption have their advantages and disadvantages. The full disk is the easiest to use and is the most secure, but everything on your computer is encrypted - you forget your password (and the admin password), and you cannot run your computer. Folder encryption is simple to use, but the unwary could leave plain data available, as it relies on you always saving to a specific folder. File encryption is good for transferring data by email or memory device, as are archives, but both require user action. Virtual disks (and archives) are very secure, as they appear as a single block of encrypted data with no discernible files.