About Encryption Management

Kaspersky Endpoint Security Cloud allows you to configure encryption of managed devices running Windows and macOS. Encryption prevents other users from gaining unauthorized access to data stored on the user's device.

This feature is available only if you activated Kaspersky Endpoint Security Cloud under a Kaspersky Endpoint Security Cloud Plus or Pro license.

Devices running Windows are encrypted by using BitLocker Drive Encryption. BitLocker is a technology that is part of the Windows operating system. Kaspersky Endpoint Security for Windows encrypts all logical partitions of hard drives of a device simultaneously. Recovery keys are stored in the Kaspersky Endpoint Security Cloud infrastructure.

Encryption is supported in Kaspersky Endpoint Security for Windows, starting from version 10 Service Pack 2.

We do not recommend moving a hard drive from an encrypted device to another device. Otherwise, you may lose the ability to use the recovery key for gaining access if the user forgets the password.

Devices running macOS are encrypted by using the FileVault disk encryption feature. When an administrator starts FileVault encryption for a device by using Kaspersky Endpoint Security Cloud, Kaspersky Endpoint Security for Mac prompts a user of this device to enter his or her credentials. Disk encryption only starts after the user provides the credentials and the device is restarted. Recovery keys are stored in the Kaspersky Endpoint Security Cloud infrastructure.

Encryption is supported in Kaspersky Endpoint Security for Mac, starting from version 11.

You can enable encryption in several security profiles simultaneously and define identical encryption settings for them. Later, if necessary, you can edit encryption settings separately for devices running Windows and for devices running macOS. If you do not need to encrypt your users' devices any more, you can disable encryption.

You can also view the report about encryption.

Page top