Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 2715 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Data Protection Suite - Disk Encryption Question

AndyBolton

For years now I have used Sophos AV and to be honest its one of the best - so when Sophos combined the whole security suite including Disk Encryption, I thought it was time to try it.

We use Sophos Enterise Console (latest Version) to deploy, manage and look after out Sophos Estate

I have now started testing the encryption software on a couple of laptops and generally its looking really good - my question is

How do I uninstall the encryption software once it is installed - I can find no documentation that explains how or even if you can uninstall - this process will be pivital to my company going past the testing stages

I look forward to any comments

Regards

Andy Bolton

:25831


This thread was automatically locked due to age.
  • 0

    Hello Andy,

    you should be able to uninstall SGDE through Add/Remove programs (can't test right now but IIRC I've gone through it) - Client Configuration first and then the Client. Note that the Tamper Protection setting applies. Haven't checked whether it is possible at all if the policy requests encryption - so you might want to test this first. You've probably taken a look at the SGDE documentation.

    Christian

    :25837
  • 0

    Hi Christian

    Thanks for your speedy response

    I did however try that option but get the "you have insufficent priviledges" for that option, even when I use a Domain Admin or local admin - also, if it was possible to remove by just uninstalling - would that not negate the actual point of encryption ?

    unless of course I am mis-undertsanding, which is probably the case

    Regards

    Andy

    :25841
  • 0

    Hello Andy,

    I'm not (yet) actually using SGDE and only run a few tests late in the Beta - mostly concentrating on what happens if you have SGDE installed and enable Bitlocker (the result "don't do it!" :smileywink:). I did uninstall from the client but honestly I don't remember the details. But I'm pretty sure that at one point I uninstalled from Program and Features (as I remember the two parts - Configuration and the software itself). Maybe someone using it will comment. Perhaps you need to apply an "empty" policy, decrypt (if it's not done automatically - I'm not sure) and then you'll be able to uninstall. 

    Christian

    :25843
  • 0

    HI,

    The uninstall of Sophos SafeGuard 5.61.0 Client (as managed from SEC 5.1)  is covered by Tamper Protection when enabled.  If you look in the Tamper Protection log on the client you'll see a message that uninstall was prevented.  Likewise in SEC 5.1, in the Tamper Protection event viewer you will see evidence of the attempt.  In order to uninstall from the client you would need to open the interface of SAV on the endpoint, "authenticate user", disable Tamper protection and then you will be able to uninstall.  It's not sufficient to authenticate, you need to disable also.  You could also disable tamper protection in the policy in SEC before performing the uninstall.

    As the user (which would also need to be an administrator) is already logged in to the client to uninstall encryption (which will start the decrypt) it's fine. Encryption of the file system is to prevent someone who can't authenticate to the machine getting data off it.  For example you couldn't just access data off the disk from a bootable Linux OS or connect the disk to another machine.

    Regards,

    Jak

    :25865
  • 0

    Hi Jak

    Thank you for your explanation - that works just fine

    I finally got it round my head - followed your instructions and it is now decrypting

    Regards

    Andy

    :25887
  • 0

    Hi,

    Am looking at disk encryption at the moment, looking to rollout in the coming weeks to all laptop users. My question - is there a generic user document that I can send out to all users so that they can see whats coming when I mention encryption, the sign on process will change for all laptop users as I understand it, something to walk users through the new encryption set up visually??

    Thanks,

    Ger

    :29671
  • 0

    Hello Smartply,

    (especially if you are encrypting existing computers) please read the Sophos Enterprise Console quick startup guide: with encryption and NAC (in particular chapter 16.2) first - you've probably already done so but better to mention it once too often than not. It might be a little bit too technical but have a look at Sophos Disk Encryption Help.

    Christian

    :29675