Skip to Content
California State University, Long BeachCalifornia State University, Long Beach

Whole Disk Encryption

By default full disk encryption is enabled by default using the users public key.  When the user disk is being encrypted, the icon in the system tray changes to let the user know the disk encryption is in process.

 The computer can still be used during the encryption process, but performance may be degraded.

view screenshot (FullDisk.JPG)

Add a User to an Encrypted Whole Disk

You may add a public key, passphrase, or token key user to an encrypted PGP Whole Disk. If you are adding a user to an encrypted fixed drive, you may only add a passphrase or Aladdin eToken user. Public key users may only be added to non-fixed encrypted disks.

view screenshot

Token Key User

To add a token key user, do the following:

  1. Open PGP Desktop.
  2. Locate the PGP Disk Control box on the left pane of the PGP Desktop main screen.
  3. Select the encrypted whole disk you wish to add a user to.
  4. Under the "User Access" section within the work area, click Create User.
  5. Unlock the disk by entering your passphrase. Click OK.
  6. Select Token Key User and click Next. For a non-fixed drive, select Public Key User and you will find the token key among the other public keys in the list.
  7. Select a token key from the list and click Next.
  8. Enter the passphrase of the private key and click OK.
  9. Click Finish. The new token key user will then be added.

Public Key User

To add a public key user, do the following:

  1. Open PGP Desktop.
  2. Locate the PGP Disk Control box on the left pane of the PGP Desktop main screen.
  3. Select the encrypted whole disk you wish to add a user to.
  4. Under the "User Access" section within the work area, click Create User.
  5. Unlock the disk by entering your passphrase. Click OK.
  6. Select Public Key User and click Next.
  7. Select a key from the list and click Next.
  8. Click Finish. The new public key user will then be added.

Passphrase User

To add a passphrase user, do the following:

  1. Open PGP Desktop.
  2. Locate the PGP Disk Control box on the left pane of the PGP Desktop main screen.
  3. Select the encrypted whole disk you wish to add a user to.
  4. Under the "User Access" section within the work area, click Create User.
  5. Unlock the disk by entering your passphrase. Click OK.
  6. Select Passphrase User, enter a Username, and click Next.
  7. Enter and confirm the Passphrase and click Next.
  8. Click Finish. The passphrase user will then be added.
  9. SECTION 4 - Delete a User from an Encrypted Whole Disk
  10. To delete a user, do the following:
  11. Open PGP Desktop.
  12. Locate the PGP Disk Control box on the left pane of the PGP Desktop main screen.
  13. Select the encrypted whole disk you wish to delete a user from.
  14. Under the User Access section within the work area, select the user you wish to remove, and click Delete User.
  15. Enter the passphrase to unlock the disk. NOTE: You may not delete a user if there aren't other users present.

Delete a User from an Encrypted Whole Disk

To delete a user, do the following:

  1. Open PGP Desktop.
  2. Locate the PGP Disk Control box on the left pane of the PGP Desktop main screen.
  3. Select the encrypted whole disk you wish to delete a user from.
  4. Under the User Access section within the work area, select the user you wish to remove, and click Delete User.
  5. Enter the passphrase to unlock the disk. NOTE: You may not delete a user if there aren't other users present.

Starting the Workstation After Full Disk Encryption

When full disk encryption is enabled, a valid ID and paraphrase are required for the workstation to be started.

view screenshot (Boot.JPG)