Administrative password rules

  1. You do not assign an administrative password and allow users to assign a password themselves:

    • During initial encryption, each user may choose their own password for encryption. An encrypted drive can only be automatically decrypted if you allow the user to save the password. On any other computer it must be entered when connecting.

  2. You assign an administrative password and allow users to assign a password themselves:

    • During initial encryption, each user may choose their own password for encryption.
    • The administrative password can be used to automatically decrypt data on corporate computers where the DriveLock Agent is running. The user does not have to enter a password.

  3. You assign an administrative password and choose encryption with administrative password:

    • Users cannot assign their own password during initial encryption.
    • The removable storage device can only be decrypted on corporate computers where the DriveLock Agent is running
    • When connecting the encrypted removable storage device, the user does not need to enter a password
    • Outside the company or on company computers without the DriveLock Agent, the data cannot be decrypted

  4. You create multiple administrator password rules, setting filters for users and/or computers and choosing encryption with administrative password:

    • Users cannot assign their own password during initial encryption.
    • The removable storage device can only be decrypted on corporate computers where the DriveLock Agent is running
    • When connecting the encrypted removable storage device, the user does not need to enter a password
    • Outside the company or on company computers without the DriveLock Agent, the data cannot be decrypted

    • Access is restricted to specific users or to specific computers (e.g. a department or a team):

      You create an administrative password rule that is restricted to user group A. User A1 encrypts a USB stick (forced encryption with administrative password) with administrative password.

      Result:

      The USB stick can only be decrypted if a user from user group A is logged on to a company computer.

      Examples:

      • USB sticks encrypted in the Human Resources department can only be decrypted by the users of the Human Resources department
      • USB sticks encrypted in the Research department can only be decrypted on computers in the Research department

Pay attention to the priority and filtering options set on the Logged on users, Computers and Networks tabs.