WinMagic SecureDoc with FileVault encryption for OS X FAQs
What version of SecureDoc does this FAQ cover? Why do I have to have Full Disk Encryption? How does Full Disk Encryption work? Will Full Disk Encryption work on my laptop? I have a laptop, should I do something to prepare for Full Disk Encryption? How do I get Full Disk Encryption? Can I work while my computer encrypts? Can I turn my computer off while it is encrypting? Can I install the encryption client on my personal laptop? Can the installation be run from off campus with VPN connection? Once my laptop is encrypted, what will change? I share a laptop with other people. Can my laptop still be encrypted? My laptop has been encrypted, how do I change my UT Arlington password? I changed my password in Self Service - now I’m unable to log on at the encryption screen. What do I do? My laptop has been encrypted, but I forgot my password. What do I do? How do I get a user added (or removed) from an encrypted laptop? Is my laptop protected if I put it into hibernation mode? My laptop was lost or stolen. What do I do? How do I uninstall the encryption software from my laptop? Do I need to encrypt my virtual machine on my laptop? How can I request an exception to Full Disk Encryption? Is it the individual files, the hard disk or the computer that is encrypted? Is there any software program known to interfere or not work with this encryption? Which ones? How do I back-up my files to another hard disk? Does the back-up disk need to be encrypted? How? Does the encryption software need to communicate with UTA server to work? That is, can I turn on and use my computer in an area with no internet access? How do we handle usage of our laptop in areas where encrypted computers are not allowed or illegal, such as some countries, some government labs etc? What versions of the Mac OS X does SecureDoc support?
This FAQ covers the SecureDoc client with FileVault encryption for OS X 10.8. For question about SecureDoc client with SecureDoc encryption for Mac OS X and OS X, please see the FAQ for the SecureDoc with SecureDoc encryption client. For questions about SecureDoc on Windows, please see the Windows FAQ.
Full Disk Encryption is software that encrypts everything on a computer hard drive (including the operating system). You will have a username and password (identical to the one you use to access your Mac) that you will use to access your laptop.
The encryption client software will run on Microsoft and Mac operating systems (except Macs with PowerPC processors).
You are strongly urged to back up your data - while we have not had a computer fail during encryption, the possibility is there. Other steps are included in the install instructions. If you need help with either of these actions, please contact the Helpdesk.
If you have a UTA laptop, the program will be made available to you through OIT. When you have backed up your data and are ready, you may initiate the encryption process. For more information, please visit - SecureDoc 6.1 for Mac with FileVault encryption
After normal business hours and weekends, laptops may be dropped of at the Help Desk. Please contact the OIT Help Desk.
On-site encryption services are available. Please contact the OIT Help Desk.
Yes, you can continue to work. You may also wait until late in the day and begin the process so that it is complete when you return to work.
Turning your computer off in the middle of encryption is not advisable. We have tested this, and while no adverse effects have been noted in our tests, we suggest not to take the risk.
No, at this time licenses are only available for UT Arlington owned assets. UT policy prohibits University data from being stored on personal computers.
OIT strongly recommends that you do not install FDE off-campus. However, if you cannot come to campus to install SecureDoc, that you can do so from off-campus with a VPN connection.
On start up, you will be presented with the encryption logon screen. Simply enter your login and password and your computer will boot as normal. The encryption client also enables secure screensavers – that is, when you are ready to use your computer after the screensaver has become active, you will need to enter your username and password before proceeding.
Yes. However, each user must have their UT Arlington NetID associated with the laptop. When a laptop is initially encrypted only the NetID of the person installing the software is granted access. To request access for additional users please contact email@example.com and ask to have an additional user added to the machine. You will need to know the computer name.
Laptops that are shared by large groups of users may be better servered by using Deep Freeze. The Help Desk can help you determine the best usage.
When logging on at the encryption screen, use your previous password and then follow the directions below for changing your encryption password. You will be prompted for your new password to log onto the UTA domain - enter your new password and log onto your computer. Your password should synchronize with the encryption server within 15 minutes. If you’re unable to log on at the encryption screen with your old or new password, you must contact the OIT Help Desk for assistance.
Contact the OIT Help Desk for assistance with recovering your password.
Email the Information Security Office at firstname.lastname@example.org and ask to have the user added or removed. You will need to know the computer name.
Your laptop is only encrypted when it’s turned off – as soon as you log in, the hard drive is decrypted. If your computer is lost or stolen while it’s in hibernation mode, the disk is already decrypted.
Regardless of whether your computer was encrypted or not, you must still report the loss or theft to the University Police Department at 817-272-3381. You should also report the loss or theft to the Information Security Office at 817-822-5487.
All laptops are required by policy to have encryption installed on them at all time. All attempts to remove the encryption software from your laptop may render it unusable. Any questions, please contact the OIT Help Desk.
No. You only need to encrypt the physical laptop.
If your department has a laptop that is shared that doesn’t have sensitive data on it, we recommend you install DeepFreeze and request an encryption exemption by submitting the form http://www.uta.edu/policy/form/18-1. If your laptop does have sensitive data on it and shared by multiple users, email the Information Security Office at email@example.com with the computer name and the NetID of the users that need to be added or removed.
The entire hard disk is encrypted. Files are not encrypted individually; they are contained within the encrypted disk.
The computer is not encrypted.
DeepFreeze, alternative encryption applications such as SafeBoot or TrueCrypt, or any other application that requires boot record access on the computer pose problems with the encryption program that UTA has implemented, SecureDoc. In addition, the Bluetooth protocol is not supported by the full-encryption client so Bluetooth mice and keyboards have to be replaced with wireless or wired equivalents in order for you to be able to log in to your computer. Once you’re logged in, though, a Bluetooth accessory can be used.
Your computer can be backed up to University-owned storage that is external to your system manually or by using Windows Backup, Apple Time Machine or a backup program such as Cobian Backup. If the entirety of your files are contained in your user folder, then backing up your user folder will get all of your files. Files saved outside of one’s user folder will have to be moved or singled out for backup. In case of the drive becoming unreadable, the installed applications will have to be reinstalled from the original media. Contact OIT (firstname.lastname@example.org) if you need network space for back-ups. Otherwise, see Personal Backup documentation on OIT’s Web site. Encryption of University-owned external devices is required. In addition, UT policy #UTS-165 states that “as a general practice Confidential University Data are not to be copied to or stored on a Portable Computing Device or a Non-University Owned Computing Device,” and such storage must be approved by the data owner. Contact ISO (email@example.com) for information about encrypted USB drives.
During the initial setup of the encryption software and after changes are made to a user’s password, communication with the server is required. Once the encryption is successfully set up, the encryption software allows you to use your computer when it’s not connected to the Internet.
UTA is working with UT System to devise a solution for travelers to specific foreign countries or government facilities. For interim solutions, please contact the ISO at firstname.lastname@example.org.
SecureDoc 6.1 client with FileVault has been tested and it only works correctly with OS X 10.8. Installation attempts on Macs with Mac OS X 10.7.5 often fail mid-way through installation and/or encryption and thus is not supported by OIT.
For those who need the SecureDoc autoboot feature for lab and check-out computers, SecureDoc 6.1 client with SecureDoc encryption is needed.