Specifications

Endpoint Encryption for Files and Folders client

80 |

By default, the open-close-wipe option is selected. If the Extract option is selected

instead, the user may select where to permanently save the unpacked and decrypted

Self-Extractor. The user may browse for a suitable location with the Browse button.



Figure42:SelectingstoragelocationfortheunpackedSelf‐Extractor

Self-Extractors may be read on any computer running Windows 2000 and later. There

is no need to have the Endpoint Encryption for Files and Folders client installed. Nor is

there any need to have local administrator rights in order to open a Self-Extractor.

NOTE:IfafileisencryptedwithEndpointEncryptionforFilesandFolders‐whencreatingaself‐extracting

file,thecopyofthefilebeingplacedintheself‐extractorwillbedecrypted.However,theself‐extractoris

itselfencrypted(bythepasswor

dselectedbytheuser).Also,onlythecopyofthesourcefileusedforthe

self‐extractorisdecrypted,notthesourcefile/folder.

CAUTION:Whenopeningthefilesinthe self‐extractor,i.e.the“regular”files,withthedefaultapplications,

e.g.MSWord™,temporaryfilesandworkingcopie

smaybecre

atedfromthe“regular”files.Thesefile

copiescontaintracesofthecontentofthe fileintheself‐extractor.Thus,deletingtheself‐extractingfile

andanyextractedfilemaynotbesufficientfromasecurityperspective,shouldtheself‐extractorcontain

sensitiveinformation.Inaddition,tracesofanyfileopenedonthecomputermaybefoundinthesystem’s

pagefile.Thus,makesuretoadviseyouruserstobecarefulonwhatcomputerstheself‐extractingfilesare

“opened”;sensitivedatamaybeleftbehindeventhoughtheself‐extractingfileandanyextractedare

“safely”deleted.

Attach encrypted to e-mail…

This option only appears when right-clicking files, not folders. It allows the user to

send a particular document (plaintext or encrypted) in a protected way to a recipient

that also has Endpoint Encryption for Files and Folders installed. The option creates a

special encrypted format of the document and attaches it automatically to an e-mail

that you can send. The recipient must have Endpoint Encryption for Files and Folders

installed and also have access to the encryption key used when creating the encrypted

attachment, i.e. either having a connection to the Endpoint Encryption database

hosting the key or having shared a user local encryption key.

NOTE:Ifyouattachanencrypteddocumenttoane‐mailwithoutusingtheEncryptandE‐mail...function,

thedocumentwillbeattachedinplaintextevenifthedocumentisencryptedondisk.Thesourcedocument

willstillbeencrypted,butthecopycreatedasanattachmentwillbeinplaintextandthe recipientwill

receiveitinplaintext.Ifyouwantthe“standard

”enc

ryptiontoremainintheattachedfile,youneedtoset

thee‐mailapplicationasanExemptedProcesses.