WinMagic SecureDoc For Windows FAQs
What version of SecureDoc does this FAQ cover? Why do I have to have Full Disk Encryption? How does Full Disk Encryption work? Will Full Disk Encryption work on my laptop? I have a laptop, should I do something to prepare for Full Disk Encryption? How do I get Full Disk Encryption? Can I work while my computer encrypts? Can I turn my computer off while it is encrypting? Can I install the encryption client on my personal laptop? Can the installation be run from off campus? Once my laptop is encrypted, what will change? What is a SecureDoc ID? How is it different from my NetID? Why is it different than my NetID? Can I change my SecureDoc ID? I share a laptop with other people. Can my laptop still be encrypted? Can my SecureDoc ID be linked to a local account with a different name? My laptop has been encrypted, how do I change my UT Arlington password? I changed my password in Self Service - now I’m unable to log on at the encryption screen. What do I do? My laptop has been encrypted, but I forgot my password. What do I do? I receive an error message when I log on to my computer. What does this mean? How do I get a user added (or removed) from an encrypted laptop? Is my laptop protected if I put it into hibernation mode? My laptop was lost or stolen. What do I do? How do I uninstall the encryption software from my laptop? Do I need to encrypt my virtual machine on my laptop? How can I request an exception to Full Disk Encryption? How do I transfer a laptop from the current user to a new user? Will WinMagic's SecureDoc encryption slow down my computer? Is it the individual files, the hard disk or the computer that is encrypted? Is there any software program known to interfere or not work with this encryption? Which ones? How do I back-up my files to another hard disk? Does the back-up disk need to be encrypted? How? Does the encryption software need to communicate with UTA server to work? That is, can I turn on and use my computer in an area with no internet access? How do we handle usage of our laptop in areas where encrypted computers are not allowed or illegal, such as some countries, some government labs etc?
Question: What version of SecureDoc does this FAQ cover?
This FAQ is for the Windows (32- or 64-bit) version. For the Apple OS X version, please visit the SecureDoc for Mac FAQ.
Question: Why do I have to have Full Disk Encryption?
UT System Security Practice Bulletin #1 requires all portable devices to be encrypted. In addition, UT System has set a mandate for all laptops to be encrypted by August 31, 2012. If you have concerns about encrypting your computer, contact the Information Security Office.
More information is available on the UT System Full Disk Encryption FAQ PDF
Question: How does Full Disk Encryption work?
Full Disk Encryption is software that encrypts everything on a computer hard drive (including the operating system). You will have a username (SecureDoc ID) and password (in general, identical to your UT Arlington NetID and password) that you will use to access your laptop.
Question: Will Full Disk Encryption work on my laptop?
The encryption client software will run on Microsoft Windows and Mac OS X operating systems.
Question: I have a laptop, should I do something to prepare for Full Disk Encryption?
OIT recommends:
- Joining your machine to the domain, if possible
- Using your domain account to encrypt, or using a local account with the same name as your NetID (if not joined to the domain), as this will become your SecureDoc ID.
- Making a backup of your data.
- Making sure your local password (if used) is secure. You must have a password to use with SecureDoc.
- Making sure the laptop is up to date with all patches and drivers.
- Making sure you are administrator on the machine.
- Making sure you are not logging as the account named Administrator on your laptop.
If you have questions or concerns on these items or how to perform/check them, please contact the Help Desk before continuing. Regular maintenance on your laptop will help ensure a better expereience.
Question: How do I get Full Disk Encryption?
The software is available from the OIT software download page. You can download it after logging in with your NetID and password. In addition, you can request assistance from your DSA/ISA, or contact the Help Desk to have OIT assist you in installing the software and encrypting your laptop.
Installation instructions are available for Windows XP and Windows 7.
After normal business hours and weekends, laptops may be dropped of at the Help Desk. Please contact the OIT Help Desk.
On-site encryption services are available. Please contact the OIT Help Desk.
Question: Can I work while my computer encrypts?
Yes, you can continue to work. You may also wait until late in the day and begin the process so that it is complete when you return to work. Turn off sleep options if you are leaving your computer to encrypt while you are away. During sleep/hibernate, your computer will not continue encrypting.
Question: Can I turn my computer off while it is encrypting?
If necessary, you can restart or power down your machine, and the encryption process will continue when the machine is restarted. If possible, it will be fastest to not restart or power down the machine.
Question: Can I install the encryption client on my personal laptop?
No, at this time licenses are only available for UT Arlington owned assets. UT policy prohibits University data from being stored on personal computers.
Question: Can the installation be run from off campus?
In order to create or access your SecureDoc ID, your computer must have an active internet connection during the first stage of the install. The best process is to be on campus plugged into the wireless system. If you can visit the UT Arlington home page, you have an active internet connection.
Please note that different internet providers may block ports used by SecureDoc. If you are presented with a screen asking you to confirm your SecureDoc idenity before reboot, you are not going to be able to successfully install SecureDoc from your current location.
OIT strongly recommends that you do not install FDE off-campus. However, if you cannot come to campus to install SecureDoc, that you can do so from off-campus with a VPN connection.Question: Once my laptop is encrypted, what will change?
On start up, you will be presented with the encryption logon screen. Simply enter your SecureDoc ID and password and your computer will boot as normal. The encryption client also enables secure screensavers – that is, when you are ready to use your computer after the screensaver has become active, you will need to enter your SecureDoc ID and password before proceeding.
Question: What is a SecureDoc ID? How is it different from my NetID? Why is it different than my NetID? Can I change my SecureDoc ID?
A SecureDoc ID is the username used to authenticate you on the SecureDoc servers. The SecureDoc clients do not use the UT Arlington active directory for authentication (like the e-mail or VPN systems), and therefore you must have a SecureDoc ID on the SecureDoc server to access an encrypted laptop. In most cases, your SecureDoc ID will be the same as your NetID, especially if you encrypted a laptop connected to the UTA Domain. If your laptop was encrypted as a local account that is different than your NetID, your SecureDoc ID will match the local account name, not your NetID. If you have a SecureDoc ID that does not match your NetID, you can contact the Help Desk to have a new SecureDoc ID created and your old SecureDoc ID removed.
Question: I share a laptop with other people. Can my laptop still be encrypted?
Yes. However, each user must have their SecureDoc ID associated with the laptop. When a laptop is initially encrypted only the SecureDoc ID of the person installing the software is granted access. To request access for additional users please contact security@uta.edu and ask to have the user added or removed. You will need to know the computer name.
In addition, each time your password is changed, you will need to log on to all laptops with your SecureDoc ID using the old password, and re-sync your password. Each user on the machine will have to do this each time they change a password.
Question: Can my SecureDoc ID be linked to a local account with a different name?
Yes, but this is not recommended, as it makes password, account and login issues more complex. If your SecureDoc ID does not match your NetID, or if it does not match your account name, please make sure you let the Help Desk know if you are reporting problems.
Question: My laptop has been encrypted, how do I change my UT Arlington password?
SecureDoc Password Changes For Windows
Question: I changed my password in Self Service - now I’m unable to log on at the encryption screen. What do I do?
SecureDoc Password Changes For Windows
Question: My laptop has been encrypted, but I forgot my password. What do I do?
Contact the OIT Help Desk for assistance with changing your password.
Question: I receive an error message when I log on to my computer. What does this mean?
If a user tries to log on to their computer and enters the wrong password, after successfully logging on they will see a message similar to the one below. This message is informational to notify the user that someone has tried to access their computer. 
Question: How do I get a user added (or removed) from an encrypted laptop?
Email the Information Security Office at security@uta.edu and ask to have a user added or removed. You will need to know the computer name.
Question: Is my laptop protected if I put it into hibernation mode?
Your laptop is only encrypted when it’s turned off – as soon as you log in, the hard drive is decrypted. If your computer is lost or stolen while it’s in hibernation mode, the disk is already decrypted.
Question: My laptop was lost or stolen. What do I do?
Regardless of whether your computer was encrypted or not, you must follow the procedure 2-45: http://www.uta.edu/policy/procedure/2-45#missingorstolenproperty.
Question: How do I uninstall the encryption software from my laptop?
All laptops are required by policy to have encryption installed on them at all time. All attempts to remove the encryption software from your laptop may render it unusable. Any questions, please contact the OIT Help Desk.
Question: Do I need to encrypt my virtual machine on my laptop?
No. You only need to encrypt the physical laptop.
Question: How can I request an exception to Full Disk Encryption?
A recent poliy change has altered the process for exceptions, and all currently granted exceptions are being reviewed by UT System. If you feel you need an exception, contact the Information Security Office for more information. Exceptions will only be granted by UT System.
Question: How do I transfer a laptop from the current user to a new user?
Complete an inventory transfer (see Procedure 2-43). Request to have the machine be reimaged, or if that is not practical, then contact security@uta.edu to have an additional user added to the machine. You will need to know the computer name.
Question: Will WinMagic's SecureDoc encryption slow down my computer?
No. When you operating system starts, OIT recommends that you wait until all applications, including SecureDoc, is loaded.
Machines which rely on preboot loaders to decrease the boot time, such as the Lenovo X202, will see an increase in the boot load time, as they cannot access the preboot loader with the encryption. Machines with Self Encrypting Hard Drives should not suffer these performace issues.
Question: Is it the individual files, the hard disk or the computer that is encrypted?
The entire hard disk is encrypted. Files are not encrypted individually; they are contained within the encrypted disk.
The computer is not encrypted.
Question: Is there any software program known to interfere or not work with this encryption? Which ones?
DeepFreeze, alternative encryption applications such as SafeBoot or TrueCrypt, or any other application that requires boot record access on the computer pose problems with the encryption program that UTA has implemented, SecureDoc. In addition, the Bluetooth protocol is not supported by the full-encryption client so Bluetooth mice and keyboards have to be replaced with wireless or wired equivalents in order for you to be able to log in to your computer. Once you’re logged in, though, a Bluetooth accessory can be used.
Question: How do I back-up my files to another hard disk? Does the back-up disk need to be encrypted? How?
Your computer can be backed up to University-owned storage that is external to your system manually or by using Windows Backup, Apple Time Machine or a backup program such as Cobian Backup. If the entirety of your files are contained in your user folder, then backing up your user folder will get all of your files. Files saved outside of one’s user folder will have to be moved or singled out for backup. In case of the drive becoming unreadable, the installed applications will have to be reinstalled from the original media. Contact OIT (helpdesk@uta.edu) if you need network space for back-ups. Otherwise, see Personal Backup documentation on OIT’s Web site. Encryption of University-owned external devices is required. In addition, UT policy #UTS-165 states that “as a general practice Confidential University Data are not to be copied to or stored on a Portable Computing Device or a Non-University Owned Computing Device,” and such storage must be approved by the data owner. Contact ISO (security@uta.edu) for information about encrypted USB drives.
Question: Does the encryption software need to communicate with UTA server to work? That is, can I turn on and use my computer in an area with no internet access?
During the initial setup of the encryption software and after changes are made to a user’s password, communication with the server is required. Once the encryption is successfully set up, the encryption software allows you to use your computer when it’s not connected to the Internet.
Question: How do we handle usage of our laptop in areas where encrypted computers are not allowed or illegal, such as some countries, some government labs etc?
UTA is working with UT System to devise a solution for travelers to specific foreign countries or government facilities. For interim solutions, please contact the ISO at security@uta.edu.