ESET Online Help

Search
Select the category
Select the topic

ESET Endpoint Encryption Server disaster recovery

When you lose your ESET Endpoint Encryption Server due to a natural disaster, hardware failure or other reason, you can restore the ESET Endpoint Encryption Server and reconnect it with client workstations.

If you have a complete backup of your ESET Endpoint Encryption Server, you can restore it from backup.

If you do not have a backup of your ESET Endpoint Encryption Server, check for any encrypted granular data on client workstations. If yes, decrypt the granular data.

Restore ESET Endpoint Encryption Server from backup

If you have an up-to-date backup, restore your ESET Endpoint Encryption Server.

If you do not have an up-to-date backup, be aware that your backup does not reflect the latest changes, including new workstations, teams and groups, and you will lose this information. Also, if your backup does not contain the most recent Encryption Keys, you need to decrypt all granular data that has been encrypted with the missing Encryption Keys on client workstations before adopting them into your new ESET Endpoint Encryption Server.

If you lose a workstation while restoring your ESET Endpoint Encryption Server, you can adopt a client back into your ESET Endpoint Encryption Server.

Decrypt granular data on client workstations


warning

Move data from virtual disks and delete empty virtual disks on client workstations

You must move all data out of any virtual disks and delete empty virtual disks before decrypting granular data. You must do it on all client computers with encrypted granular data. Do this to avoid permanent data loss.

When you do not have a backup of your ESET Endpoint Encryption Server, or you are missing an Encryption Key from your %ESET_ENDPOINT_ENCRYPTION%> Server backup, you need to decrypt all granular data on client workstations that have encrypted data with the missing Encryption Key. This means decrypting all files, folders and removable media.

Full Disk Encryption (FDE) protected workstations

If you have workstations that are protected with Full Disk Encryption, this might be a problem when you lose your ESET Endpoint Encryption Server.

If you have the admin username and password required to access the FDE pre-boot authentication screen, you can adopt FDE. You must use the admin username and password to boot client workstations before adopting them into your new ESET Endpoint Encryption Server to ensure the details are correct.

If you do not have the admin username and password required to access the FDE pre-boot authentication screen, you cannot decrypt the workstation. Instead, log in as any user and copy all the data on the workstation you want to keep on an external drive. Afterward, reinstall Windows.

Install ESET Endpoint Encryption Server


important

Old ESET Endpoint Encryption Server must no longer be functional

Ensure that your old ESET Endpoint Encryption Server is no longer working. Do this to avoid synchronization problems with your client workstations.

Ensure that your old ESET Endpoint Encryption Server is no longer working, then install the ESET Endpoint Encryption Server.

Adopt client workstations

If you have client workstations (even if they are encrypted by the FDE) that have ESET Endpoint Protection activated, adopt these into your new ESET Endpoint Encryption Server.