ESET Online Help

Search English
Select the topic

Enable and configure ESET Full Disk Encryption


If you encounter an error Your computer is not encrypted, and data at rest is not protected follow the steps below to set up computer encryption and resolve the error.


ESET Full Disk Encryption version 1.4 (and later) supports the automatic updates (configurable via a Policy).

You can configure ESET Full Disk Encryption settings via policy in ESET Security Management Center, ESET PROTECT On-Prem or ESET PROTECT: select Policies > New Policy > Settings > select the product ESET Full Disk Encryption from the drop-down menu.

Here you can create your desired EFDE configuration:


Policy options available for macOS are marked with efde_policy_macos.

1.Under Encryption options -> Full Disk Encryption Mode enable the Enable Encryption setting. This setting enables/disables encryption on the managed workstation.


2.Under Encryption Options, decide if you want to Encrypt All Disks or Encrypt Boot Disk Only.

3.To use Trusted Platform Module support (TPM) or OPAL Self-encrypting drive support (OPAL) for your encryption, select the applicable option based on the hardware available on the managed workstations.

4.Under Password Policies -> User Password Requirements, specify the requirements for the pre-boot password the user will use to log in to their workstation.

5.Under User Interface -> User Interface Elements, you can specify the behavior of the EFDE client running on the workstations.

6.Click Finish to save the policy. Do not assign the policy yet; you can apply the policy after EFDE is deployed to the client workstation.

7.Before starting the encryption, deploy the EFDE client on the workstations.

See the full description of configuration options for ESET Full Disk Encryption:

Password Policies

Encryption Options

User Interface