PGP Desktop Quick Start Guide 10.2.1 Macintosh Mac 1021 Quickstart En
User Manual: Desktop - 10.2.1 - Macintosh - Quick Start Guide User Guide for PGP Desktop Software, Free Instruction Manual
Open the PDF directly: View PDF .
Page Count: 12
Download | |
Open PDF In Browser | View PDF |
PGP Desktop for Mac OS X Quick Start Guide Version 10.2 • Using PGP Viewer (page 5) What is PGP Desktop? • Using PGP WDE to Encrypt a Drive (page 6) PGP Desktop provides comprehensive security for desktops and laptops, making it possible for enterprises, workgroups, and individuals to protect sensitive information without changing the existing IT infrastructure or disrupting work processes. This award winning, easy-to-use solution encrypts email, files, virtual volumes, and entire disks from a single desktop application. • Creating PGP Virtual Disk Volumes (page 8) • Creating a PGP Zip Archive (page 9) • Using PGP Shred to Shred Files (page 10) • Getting Assistance (page 11) The PGP Desktop family of applications have been combined into several bundles. New to PGP Desktop? PGP Desktop Professional includes PGP Desktop Email and PGP Whole Disk Encryption PGP Whole Disk Encryption includes PGP Whole Disk Encryption Use this step-by-step guide to get started. You will find that, with PGP Desktop, protecting your data will be as easy as turning a key in a lock. PGP Desktop Email This Quick Start Guide helps you install PGP Desktop and get started. The PGP Desktop User’s Guide provides more detailed information on PGP Desktop. In it, you will learn what a keypair is, why you might want to create one, how to create one, and how to exchange keys with others so you can encrypt your own data and share data securely with others. Use PGP Desktop Email to automatically and transparently encrypt, sign, decrypt, and verify email message through policies you defined for you by administrators, or policies you control if you are not part of a PGP Universal Server-managed environment. Note: A PGP Desktop license provides you with access to a certain set of PGP Desktop features. Certain other features of PGP Desktop may require a different license. For more information, see the Licensing section of the PGP Desktop User’s Guide. PGP Whole Disk Encryption Use PGP Whole Disk Encryption (PGP WDE) to lock down the entire contents of your system or an external or USB flash drive you specify. In addition, use PGP Desktop to: Use part of your hard drive space as an encrypted virtual disk volume with its own drive letter. Create protected Zip archives. Completely destroy files and folders so that nothing can recover them. For deployment, management, and policy enforcement information for PGP Desktop, see the PGP Universal Server Administrator’s Guide. After installation, PGP Desktop prompts you to create a PGP keypair. A keypair is the combination of a private key and a public key. Keep your private key and its passphrase private, as the name suggests. If someone gets your private key and its passphrase, they can read your messages and impersonate you to others. Your private key decrypts incoming encrypted messages and signs outgoing messages. Your public key you can give to everyone. It does not have a passphrase. Your public key encrypts messages that only your private key can decrypt and verifies your signed messages. Contents • What is PGP Desktop? (page 1) • New to PGP Desktop? (page 1) • Understanding the Basics (page 1) • What Am I Installing? (page 2) • System Requirements (page 2) • Installing PGP Desktop (page 2) Your keyring holds both your keypairs and the public keys of others, which you use to send encrypted messages to them. Click the PGP Keys Control Box to see the keys on your keyring: • Starting PGP Desktop (page 3) • The PGP Desktop Main Screen (page 3) • Using PGP Desktop Email (page 3) 1 1 The icon for a PGP keypair has two keys, denoting the private and the public key. Alice Cameron has a PGP keypair in this illustration, for example. 2 The icons for the public keys of others have just one key. Ming Pa’s public key, for example, has been added to the keyring shown in this illustration. contrast, immediately overwrites files multiple times. This is so effective that even sophisticated disk recovery software cannot recover these files. This feature also completely wipes free space on your drives so your deleted data is truly unrecoverable. Key Management manages PGP keys, both your keypairs and the public keys of others. You use your private key to decrypt messages sent to you encrypted to your public key and to secure your PGP Virtual Disk volumes. You use public keys to encrypt messages to others or to add users to PGP Virtual Disk volumes. System Requirements The minimum system requirements to install PGP Desktop on your Mac OS X system are: What Am I Installing? Apple Mac OS X10.5.x, 10.6.x, or 10.7.x (Intel) 512 MB of RAM PGP Desktop uses licensing to provide access to the features you purchase. Depending on the license you have, some or all of the PGP Desktop family of applications will be active. 64 MB hard disk space PGP Desktop Email is a member of the PGP Desktop family of applications. You can use PGP Desktop Email to automatically and transparently encrypt, sign, decrypt, and verify email messages through policies you control. You can also use PGP Desktop Email to encrypt IM sessions for clients such as AIM and iChat. Both users must have PGP Desktop Email enabled. PGP Whole Disk Encryption (PGP WDE) is not compatible with any third-party software, other than Apple Boot Camp, that could bypass the PGP WDE protection on the Master Boot Record (MBR) and write to or modify the MBR. Boot Camp needs to modify MBR before installing the Windows OS and cannot be used on a Macintosh system that is already encrypted with PGP WDE. To use Boot Camp with PGP WDE, refer to the installation instructions in the PGP Desktop for Mac OS X User's Guide. PGP Whole Disk Encryption (PGP WDE) is a member of the PGP Desktop family of applications. You can use PGP WDE to lock down the entire contents of your system or an external or USB flash drive you specify. Boot sectors, system files, and swap files are all encrypted. Whole disk encrypting your boot drive means you do not have to worry if your computer is lost or stolen: to access your data, an attacker would need the appropriate passphrase. PGP Whole Disk Encryption (PGP WDE) is not compatible with any third-party software, other than Apple Boot Camp, that could bypass the PGP WDE protection on the Master Boot Record (MBR) and write to or modify the MBR. Boot Camp needs to modify MBR before installing the Windows OS and cannot be used on a Macintosh system that is already encrypted with PGP WDE. To use Boot Camp with PGP WDE, refer to the installation instructions. This document contains instructions for viewing the features activated by your license. PGP Virtual Disk volumes uses part of your hard drive space as an encrypted virtual disk volume with its own drive letter. A PGP Virtual Disk is the perfect place for storing your sensitive files; it is as if you have stored them in a safe. When the door of the safe is open (when the volume is mounted), you can change files stored in it, take files out of it, and move files into it. Otherwise (when the volume is unmounted), all the data on the volume is protected. Installing PGP Desktop Symantec Corporation recommends exiting all open applications before you begin the install. The installation process may require a system restart. Note: You must have administrative rights on your system in order to install the update. PGP Zip adds any combination of files and folders to an encrypted, compressed, portable archive. PGP Desktop must be installed on a system to create or open a PGP Zip archive. PGP Zip is a tool for securely archiving your sensitive data, whether you want to distribute it to others or back it up. The PGP Desktop installer walks you through the installation process. To install PGP Desktop on your Mac OS X system PGP Shredder completely destroys files and folders so that even file recovery software cannot recover them. Deleting a file using the Windows Recycle Bin (on Windows systems) or Trash (on Mac OS X systems) does not actually delete it; it sits on your drive and eventually gets overwritten. Until then, it is trivial for an attacker to recover that file. PGP Shredder, in 2 1 Quit all other applications. 2 Mount the PGP DiskCopy image. 3 Double-click PGP.pkg. 4 Follow the on-screen instructions. 5 If prompted to do so, restart your system. • Mount an existing PGP Virtual Disk. Note: If you are in a domain protected by a PGP Universal Server, your PGP administrator may have preconfigured your PGP Desktop installer with specific features and/or settings. In addition, if your PGP administrator set up silent enrollment, your Windows domain password will be used for all passphrase requirements in PGP Desktop. If specified by policy, PGP Whole Disk Encryption may automatically start to encrypt your disk when your Windows password is entered. • Synchronize keys. • Shred files. 4 PGP Desktop is managing for you. 5 The PGP Disk item. Use this item to view and manage PGP Virtual Disk volumes. Also, you can use this item to create new PGP Virtual Disk volumes, as well as encrypting an entire disk or managing encrypting removable disks using the PGP Whole Disk Encryption feature. 6 The PGP Messaging item. Use this item to manage PGP Messaging services. You can also use this item to create new services and policies, and manage existing services and policies. Licensing To see what features your license supports, open PGP Desktop and select PGP > License. Click Details. The details of your license are displayed. 7 Starting PGP Desktop PGP Desktop Main Screen Using the PGP Desktop Icon in the Menu Bar Using the PGP Dock Icon Using the Mac OS X Finder The Keyservers item. Use this item to view and manage keyservers. There are four main ways to access PGP Desktop: The Keys item. Gives you control over the PGP keys that ( not shown) The PGP Zip item. Use this item to view and manage PGP Zip archives. Using PGP Desktop Email PGP Desktop Email automatically and transparently encrypts and signs outgoing messages and decrypts and verifies incoming messages. All you need to do is to send and receive your email just as you always have; PGP Desktop Email will take care of the rest. The PGP Desktop Main Screen The main screen of PGP Desktop is your main interface to the product. Sending Encrypted Email After installation, PGP Desktop Email inserts itself between your email client and your mail server and watches your email traffic. When incoming messages arrive, PGP Desktop Email intercepts them before they get to your inbox and automatically attempts to decrypt and verify them; it uses your private keys to decrypt and the public keys of others to verify. When it is done with your messages, PGP Desktop Email delivers them to your inbox. In most cases, you do not have to do anything special; decrypted incoming messages will appear in your inbox just like any other incoming messages. The PGP Desktop main screen includes: 1 The search field. Lets you search for keys on the local keyring. Simply enter characters and the names and email addresses on the local keyring that include those characters will display. Click Advanced Search for more search criteria. 2 The PGP Desktop Work area. Displays information When you send outgoing messages, PGP Desktop Email intercepts them on the way to your mail server and automatically attempts to encrypt and sign them, based on configured policies. Again, you do not have to do anything special; just create your messages using your email client and send them—PGP Desktop Email handles everything else. about and actions you can take for the selected item. 3 Details of how PGP Desktop Email transparently handles your incoming and outgoing messaging is found in the following sections. The Toolbar. Provides access to frequently used features. You can: • Create a new PGP Zip archive. • Create a new PGP Virtual Disk. 3 Incoming Messages directory at PGP Global Directory (https://keyserver.pgp.com) , or ask them to send their public key to you directly by email. PGP Desktop manages incoming mail messages based on the content of the message. These scenarios assume standalone PGP Desktop, not in a domain protected by a PGP Universal server (in which case mail action policies set by your PGP Universal Server administrator can apply): Message not encrypted nor signed. PGP Desktop does nothing to the content of these messages; it simply passes the message along to your email client. Message encrypted, but not signed. When PGP Desktop sees a message coming to you that is encrypted, it will attempt to decrypt it for you. To do this, PGP Desktop will check the local keyring for the private key that can decrypt the message. If the private key is not on the local keyring, PGP Desktop will not be able to decrypt it; the message will be passed to your email client still encrypted. If the private key is on the local keyring, PGP Desktop will decrypt it immediately if the passphrase for the private key is in memory (cached). If the passphrase is not cached, PGP Desktop will prompt you for the passphrase and decrypt the message when you supply the correct passphrase. Once a message is decrypted, PGP Desktop passes it to your email client. Note: PGP Desktop only encrypts by default to keys that are known to be valid. If you did not get a key from the PGP Global Directory, you may need to verify its fingerprint with the owner and sign it for it to be used. Outgoing Messages Email messages that you send can be encrypted, signed, both, or neither. Because you probably have different combinations for different recipients or email domains, you need to create policies for all of your outgoing email message possibilities. Once correct policies are in place, your email messages are protected automatically and transparently. If you are in a PGP Universal Server-managed environment, your PGP Desktop policies are controlled by the policies specified by your PGP Universal Server administrator. Your administrator may also have specified how to handle outgoing email messages if the PGP Universal Server is not available. These policies are called offline (or local) policies. Default Policies PGP Desktop Email includes four default policies: If the PGP Desktop messaging proxy is turned off, PGP Desktop will not be able to decrypt incoming encrypted messages; it will pass them along to your email client still encrypted. It is recommended that you leave your messaging proxy on all the time if you expect to be sending and receiving encrypted messages. On is the default setting. Message signed, but not encrypted. PGP Desktop will search the local keyring for a public key that can be used to verify the signature. If PGP Desktop cannot find the appropriate public key on the local keyring, it will try to search for a keyserver at keys.domain (where domain is the domain of the sender of the message), then the PGP Global Directory (https://keyserver.pgp.com), and finally any other configured keyservers. If PGP Desktop finds the right public key at any of these locations, it verifies the signature (or not, if the signature is bad) and passes the message to your email client annotated with information about the signature—information is also put into the PGP Log. If PGP Desktop cannot find the appropriate public key, it passes the message to your email client unverified. Mailing List Admin Requests. Administrative requests to mailing lists are sent in the clear; that is, not encrypted or signed. Mail List Submissions. Submissions to mailing lists are sent signed (so they can be authenticated) but not encrypted. Require Encryption: [PGP] Confidential. Any message flagged as confidential in your email client or containing the text “[PGP]” in the subject line must be encrypted to a valid recipient public key or it will not be sent. This policy gives you a way to easily handle messages that must be sent encrypted or not sent at all. Opportunistic Encryption. Specifies that any message for which a key to encrypt cannot be found should be sent without encryption (in the clear). Having this policy as the last policy in the list ensures that your messages will be sent (unless you flag the message as Confidential), albeit in the clear, even if a key to encrypt it to the recipient cannot be found. Creating New Policies Message encrypted and signed. PGP Desktop goes through both of the processes described above: first finding the private key to decrypt the message and then finding the public key to verify the signature. However, if a message cannot be decrypted, then it cannot be verified. PGP Desktop Email includes the ability to create and use new policies in addition to the four default policies. You can create policies based on a wide variety of criteria. If you are using PGP Desktop Email in a PGP Universal Server-managed environment, your messaging policies and other settings may be controlled by your organization’s PGP administrator. If PGP Desktop is unable to either decrypt or verify a message, you might want to consider contacting the sender of the message. If the message could not be decrypted, make sure the sender was using your real public key. If the message could not be verified, ask the sender to publish their key on the PGP Global Directory — older PGP versions or other OpenPGP products can access the web version of this For complete information about how to create and implement messaging policies, see the PGP Desktop User’s Guide. 4 Was My Message Encrypted? and decrypt and verify incoming messages. When PGP Desktop is doing this, it is called “in the mail stream.” Because PGP Desktop Email does its work automatically and transparently, from time to time you may find yourself wondering, was my message really sent encrypted? The answer is probably yes, but there are ways to make certain. Use PGP Viewer to decrypt, verify, and display messages outside the mail stream. Opening an Encrypted Email Message or File Notifier Alerts Use PGP Viewer to open (decrypt, verify, and display) encrypted message files of the following types: PGP Desktop Notifier alerts are a feature of PGP Desktop that both tell you what is going on with your messaging and give you control over it. For example, when you send an encrypted message, the Notifier alert appears in the lower right corner of your screen. It shows: Subject. Who it is being sent to. Keys found for the recipient. Status of the message. What PGP Desktop Email did to the message. Who signed the message. .pgp: Created by a PGP application. .eml: Created by Outlook Express or Thunderbird. .emlx: Created by Apple's Mail.app program on Mac OS X systems. .msg: Created by Microsoft Outlook. When PGP Viewer opens an encrypted message, it does not overwrite the encrypted text. The original message remains intact. To decrypt, verify, and display an encrypted message from a file To view more information about the message being sent, click More. Now you also see: For more information about Notifiers, see the PGP Desktop User’s Guide. 1 Open PGP Desktop and select the PGP Viewer tab. 2 Click Open File in PGP Viewer or select Viewer > Open File in PGP Viewer. 3 In the Open Message File dialog box, navigate to the file you want to open, select it, then click Open. PGP Viewer decrypts, verifies, and displays the message in a separate window. Note: In a PGP Universal Server-managed environment, your administrator may have specified certain notifications settings (for example, whether notifications are to be displayed or the location of the notifier). In this case, you may not see any notifier messages at all. Note: You can drag and drop the file you want to decrypt onto the portion of the PGP Viewer screen that displays: Drag Email or Files Here. PGP Viewer opens the file, decrypts and verifies it, and displays the message. 4 The PGP Log lists a variety of actions that PGP Desktop is taking to secure your messaging. To open another message, click Open Message in the toolbar, navigate to the desired file, select it, then click Open. PGP Viewer decrypts, verifies, and displays the message. 5 For example, the message whose Notifiers are shown above generated this entry in the PGP Log. It shows: Click Smaller to make text smaller or Bigger to make text larger. 6 Click Rich Text to display the message or file in RTF (rich text format) or Plain Text for plaintext. 7 Click Print to print the message or file. PGP Log 1 That an outgoing message was sent, who sent it, and what the subject was. 2 The time it was encrypted, the email address it was encrypted to, and the email address it was sent from. Copying Email Messages to Your Inbox Use PGP Viewer to copy plaintext versions of messages that have been decrypted to the inbox of your email client. To copy a message to the inbox of your email client 1 Using PGP Viewer With the desired message in the PGP Viewer window, click Copy to Inbox . The Copy to Inbox confirmation dialog box is displayed. If you do not want to view this confirmation in the future, select the checkbox to Don't display this again. In normal usage, PGP Desktop sits between your email client (Mozilla Thunderbird, for example) and your email server so that PGP Desktop can encrypt and sign outgoing messages 5 The Copy to Inbox confirmation dialog box displays the name of the email client to which the message will be copied. To change this setting, see PGP Viewer Preferences. 2 1 Open PGP Desktop and click on the PGP Disk item. The PGP Disk screen is displayed. 2 Click Encrypt a Disk. The Encrypt Whole Disk screen is displayed, showing a listing of disks on your system that can be protected. 3 From the Select a disk list, select the disk you want to protect. 4 In the Secure with section, specify how you want to access your protected disk. Select Public Key user or Passphrase user. Click OK to continue. If you are copying a message to the Mozilla Thunderbird email client for the first time, a dialog box is displayed advising that you must install an add-on. 3 Click Yes to install the add-on and follow the on-screen instructions or click No. You must be using Thunderbird 2.0 or greater to install the add-on. PGP Viewer opens your email client and copies a plaintext version of the message to the inbox. Exporting Email Messages Use PGP Viewer to export a decrypted message to a file. To export a message from PGP Viewer to a file 1 With the message displayed in the PGP Viewer window, click Export. 2 In the Export Message dialog box, specify the desired filename, location, and format for the file, then click Export. Note: If you are encrypting a boot disk, you can only use passphrase authentication, so PGP Desktop selects Passphrase User for you and skips to the Add PGP Whole Disk User screen. PGP Viewer saves the file to the specified location. Specifying Additional Options Use the Tools button on the PGP Viewer Toolbar (on the far right) to specify several PGP Viewer features: Text Encoding: Specify the text encoding format for the message currently being displayed by PGP Viewer. Show Remote Images: Display external resources (images, CSS style sheets, iframe content, and so on) for the message currently being displayed by PGP Viewer. You can specify that PGP Viewer automatically displays external resources in Preferences. View Message Source: Display the source of the message currently being displayed by PGP Viewer. Viewing the message source can tell you more information about the message. Preferences: Display the PGP Viewer Preferences dialog box. Using PGP WDE to Encrypt a Drive Use the PGP WDE feature to fully encrypt the boot disk (Intel-based Macintoshes only) and external disks on Mac OS X systems. You can also use it to fully encrypt Windows-formatted external disks. To protect your disk with a public key, select Public Key, then click Continue. The Add PGP Whole Disk User screen is displayed. Select a key from the list, then click Continue. The Enter PGP Passphrase dialog box is displayed. Type the passphrase for the key you selected, then click OK. The PGP Whole Disk Encryption Summary screen is displayed with a summary of how your disk will be encrypted. This option is only available if you are encrypting a removable disk. To protect your disk with a passphrase, select Passphrase, then click Continue. The Add PGP Whole Disk User screen is displayed. Type a Name (or accept the default name), then type the desired passphrase in the Enter your passphrase field, and then type it again in the Confirm your passphrase field. To see your passphrase as you type, select Show Keystrokes. Click Continue. The PGP Whole Disk Encryption Summary screen is displayed with a summary of how your disk is will be encrypted. The Passphrase Quality bar provides a basic guideline for the strength of the passphrase you are creating by comparing the amount of entropy in the passphrase you type against a true 128-bit random string (the same amount of entropy in an AES128 key). For more information, see The Passphrase Quality Bar (in the PGP Desktop for Mac OS X User's Guide). Before you encrypt your disk, be sure to back it up so that you won’t lose any data if your laptop or computer is lost, stolen, or you are unable to decrypt the disk. Backup software works normally with PGP WDE; any files the software backs up will be decrypted before being backed up. 6 5 Review the information, then click Encrypt. The encryption process begins and the Encryption Progress screen is displayed. 6 Click Close. The PGP Desktop application window is displayed and the encryption process continues in the background. A bar shows how the encryption process is progressing. Ensure the health of the disk before you encrypt it. If PGP WDE encounters disk errors during encryption, it will pause encryption so you can repair the disk errors. However, it is more efficient to repair errors before you initiate encryption. See Ensure Disk Health Before Encryption (on page 7). Back up the disk before you encrypt it. Before you encrypt your disk, be sure to back it up so that you will not lose any data if your laptop or computer is lost, stolen, or you are unable to decrypt the disk. Also be sure to make regular backups of your disk. Consider the time it will take to encrypt the disk and prepare accordingly. See Calculate the Encryption Duration (on page 8). Run a pilot test to ensure software compatibility. As a good security practice, Symantec Corporation recommends testing PGP WDE on a small group of computers to ensure that PGP WDE is not in conflict with any software on the computer before rolling it out to a large number of computers. This is particularly useful in environments that use a standardized Corporate Operating Environment (COE) image. Certain other disk protection software is incompatible with PGP WDE and can cause serious disk problems, up to and including loss of data. See Run a Pilot Test to Ensure Software Compatibility (on page 8) for known interoperability issues, and review the PGP Desktop Release Notes for the latest updates to this list. Ensure that Sleep mode has been disabled. PGP Desktop is not compatible with hibernation mode on Mac OS X systems. Using Apple Boot Camp. If you are using Apple Boot Camp, Symantec Corporation recommends that you perform all encryption and decryption operations from the Mac OS X partition. Be sure that you have installed PGP Desktop on both the Mac OS X and Windows partitions first, before booting into the Mac OS X partition to encrypt or decrypt. Note: The encryption process continues even if you close the Encryption Progress screen. However, you can not see the progress bar until you close this screen. 7 During the encryption process, you can do the following: To temporarily stop the encryption process, click Stop. The Encryption is not complete dialog box is displayed. Pause the encryption process, Decrypt the portion of the disk that is already encrypted, or Cancel to close the dialog box and continue with the encryption process. Note: If the encryption process stops and PGP Desktop indicates a disk read/write error, it means that PGP Desktop has encountered bad sectors on your disk during the encryption process. Immediately reverse the encryption process by decrypting the portion of the disk that has been encrypted. Then use your disk verification tools to find and resolve the problem. When the encryption process completes, the disk properties for the encrypted disk is displayed. Ensure Disk Health Before Encryption Symantec Corporation deliberately takes a conservative stance when encrypting drives, to prevent loss of data. It is not uncommon to encounter Cyclic Redundancy Check (CRC) errors while encrypting a hard disk. If PGP WDE encounters a hard drive with bad sectors, PGP WDE will, by default, pause the encryption process. This pause allows you to remedy the problem before continuing with the encryption process, thus avoiding potential disk corruption and lost data. PGP WDE Best Practices Before you encrypt your disk, there are a few tasks you must perform to ensure successful initial encryption of the disk. Determine whether your target disk is supported. See "Supported Disk Types" in the PGP Desktop User’s Guide for more details on what types of disks are supported. Make sure you use supported characters in your passphrase. See "Supported Characters" in the PGP Desktop User’s Guide for more details on what characters are supported for passphrases. To avoid disruption during encryption, Symantec Corporation recommends that you start with a healthy disk by correcting any disk errors prior to encrypting. Note: If you are using PGP Desktop in a managed environment, the bad sectors encountered during 7 encryption are logged to the management server and the encryption process continues. Run a Pilot Test to Ensure Software Compatibility Best Practices Recommendation As a good security practice, Symantec Corporation recommends testing PGP Desktop on a small group of computers to ensure that PGP Desktop is not in conflict with any software on the computer before rolling it out to a large number of computers. As a best practice, before you attempt to use PGP Desktop to encrypt your disk, use a third-party scan disk utility that has the ability to perform a low-level integrity check and repair any inconsistencies with the drive that could lead to CRC errors. These software applications can correct errors that would otherwise disrupt encryption. Creating PGP Virtual Disk Volumes If you are using Apple Boot Camp, Symantec Corporation recommends that you perform all encryption and decryption operations from the Mac OS X partition. Be sure that you have installed PGP Desktop on both the Mac OS X and Windows partitions first, before booting into the Mac OS X partition to encrypt or decrypt. The PGP Virtual Disk Volumes feature uses part of your hard drive space as an encrypted virtual disk volume. You can create additional users for a volume so that people you authorize can also access the volume. 8 In PGP Desktop, select the PGP Disk item and then click New PGP Virtual Disk. 9 In the Enter your desired PGP Disk size field, type the amount of space that you want to reserve for the new PGP Virtual Disk. Use whole numbers, with no decimal places. You can also use the arrows to increase or decrease the number displayed in the field. Choose KB (Kilobytes), MB (Megabytes), or GB (Gigabytes) from the menu. Calculate the Encryption Duration Encryption is a time-consuming and CPU-intensive process. The larger the disk being encrypted, the longer the encryption process takes. You should consider this as you schedule initial encryption of the disk. Factors that may affect encryption speed include: the size of the disk the processor speed and number of processors the number of system processes running on the computer the number of other applications running on the system the amount of processor time those other applications require With an average system, an 80 GB boot disk takes approximately three hours to encrypt using PGP Desktop (when no other applications are running). A very fast system, on the other hand, can easily encrypt such a disk in less than an hour. You can still use your system during encryption. Your system is somewhat slower than usual during the encryption process, although it is fully usable. 10 Specify the type of authentication you want to use for the primary user of this PGP Virtual Disk: PGP Desktop automatically slows the encryption process if you are using the system. The encryption process is faster if you avoid using your computer during the initial encryption. The system returns to normal operation when the encryption process is complete. If you decide to run other applications during the encryption process, those applications will probably run slightly slower than normal until the encryption process is over. To protect your PGP Virtual Disk with your keypair, select Public Key. To protect your PGP Virtual Disk with a passphrase, select Passphrase user. 11 To view or change the advanced options settings, select the Advanced Options checkbox. The Cipher and Format options are displayed. Caution: The default Advanced Options settings are appropriate for most users. Avoid changing these settings if you are unfamiliar with them. 8 From the Cipher menu, select the encryption algorithm that you would like to use to protect your PGP Virtual Disk: AES-256 (256 bits) or CAST5 (128-bits). For more information about these encryption algorithms, see The PGP Virtual Disk Encryption Algorithms in the PGP Desktop for Mac OS X User's Guide. passphrase that you have typed. Select the Show Keystrokes checkbox to see the characters that you are typing, and if you are certain that no one else can see what you are typing. In the Confirm your passphrase field, re-type the passphrase that you would like to use. Click Continue. The Save As dialog box is displayed. Continue with the next step. From the Format menu, select the disk format that you would like to use with your PGP Virtual Disk: MS-DOS. Use if you intend to share this PGP Virtual Disk with someone using PGP Desktop 10.2 for Windows. 14 Select a file name and location for the PGP Virtual Disk, then click Save. 15 Review the information on the PGP Disk Creation Summary screen. When you are finished, click Create. Mac OS Extended. The default format (also the modern Mac OS file-system format); supports large PGP Virtual Disk volumes. The minimum size is 4 MB. The Mac OS Extended format is also called HFS+. 16 The Creating your PGP Virtual Disk screen is displayed, showing you progress as your PGP Virtual Disk is created. Once the disk is created, the Congratulations screen is displayed. Click Finish. Mac OS Extended (Journaled). Use if Journaling is enabled on your system. (Journaling causes a copy of everything written to disk to be written a second time in a private area of the file system, making disk recovery easier if necessary.) 17 Your new PGP Virtual Disk is mounted automatically, and information about it is displayed in a Finder window. The name of the disk also is displayed under the PGP Disk item. Mac OS Extended (Case-sensitive, Journaled). Use if case-sensitive Journaling is enabled on your system. Creating a PGP Zip Archive Mac OS Standard. For backwards compatibility with older Mac OS operating systems. The minimum size is 512 KB. PGP Zip archives let you put any combination of files and folders into a compressed, portable archive. There are three kinds of PGP Zip archives: UNIX File System. Use if you intend to share this PGP Virtual Disk volume with someone using a UNIX file system. The minimum size is 128 KB. Recipient keys. Encrypts the archive to public keys. Only the holder of the corresponding private keys can open the archive. This is the most secure kind of PGP Zip archive. Recipients must be using PGP software (for Windows or Mac OS X). Passphrase. Encrypts the archive to a passphrase, which must be communicated to the recipients. Recipients must be using PGP software (for Windows or Mac OS X). For public key access, the Select a Public Key to Secure Your PGP Disk screen is displayed, displaying the public keys you can use for authenticating to the PGP Virtual Disk that you are creating. Sign only. Signs the archive but does not encrypt it, allowing you to prove you are the sender. Recipients must be using PGP software (for Windows or Mac OS X) to open and verify the archive. Select a key from the list, then click Continue. You are prompted for the passphrase of the key you selected (unless the passphrase is already cached, in which case this step is skipped). The Passphrase and Sign only PGP Zip types are described in detail in the PGP Desktop User’s Guide; they are described briefly here. You can see the format of an existing Mac OS X drive by selecting the drive, then selecting Get Info from the File menu. 12 Click Continue. 13 The next step depends on whether you chose public key or passphrase authentication: 1 Enter the appropriate passphrase, then click OK. The Save As dialog box is displayed. Continue with the next step. For passphrase access, the Set a Master Passphrase For Your PGP Disk screen is displayed. In the Name field, type the name that you would like to assign to the primary PGP Virtual Disk user (or administrator). In the Enter your passphrase field, type the passphrase that you would like to use. The Passphrase Quality bar indicates the strength of the 9 Open PGP Desktop and select the PGP Zip item. The PGP Zip dialog box is displayed. 2 Click Create new PGP Zip. The Untitled PGP Zip dialog box is displayed. To view the properties of the selected signing key, click the Key icon to the right of the user ID of the key. Close the Key Info dialog box when you are done. 7 Select the type of encryption you want to use: Encrypt with recipient keys. Use this option to encrypt the PGP Zip archive to the public keys of the recipient(s). This ensures that only those recipient(s) can open the archive. If you select public-key encryption, drag and drop the public keys of the recipients onto the list or click the plus sign icon and choose the public keys of the desired recipients. 3 In the Files tab, specify what files and/or folders you want to be part of the PGP Zip archive you are creating. Do this by: Dragging and dropping the files/folders into the list. Clicking the plus sign icon below the list, then select the files and/or folders you want to be part of the PGP Zip archive in the dialog box displayed. Click Add to add the files to the list. Enter the passphrase in the Passphrase field and then again in the Confirm field. If you want to see the passphrase as you type it, select Show Keystrokes. If you add a file or folder you later decide you do not want, select the file or folder in the list and click the minus sign icon below the list. The file or folder is removed from the list. 4 5 Encrypt with passphrase only. Use this option to encrypt this PGP Zip archive to a passphrase you specify when saving the archive. Only those persons who know the passphrase can open the archive. Remember that you will need to communicate this passphrase to the person(s) you want to open the PGP Zip archive. 8 Select Shred original files if you want to securely delete from your system the files/folders you are putting into the PGP Zip archive. Sign Only (no encryption). Use this option to create an unencrypted PGP Zip archive. However, because you are not encrypting the PGP Zip archive, you must specify a signing key using the Signature field. If you have only one file in your PGP Zip archive and you are signing the file but not encrypting it, create a detached signature file by selecting the Save Detached Signature File checkbox. If you want to create a detached signature file, you can put one file only in the archive, you must choose a signing key, and you cannot encrypt the archive. When you have specified the files/folder you want included in the PGP Zip archive, click the Security tab. 9 Click Save. 10 Specify a file name and a location for the PGP Zip archive, then click Save. If you specified a signing key in the Signature field, you are prompted for the passphrase to the signing key (if it is not already cached). 11 Enter the appropriate passphrase, then click OK. The PGP Zip archive is created in the location you specified. Using PGP Shred to Shred Files 6 The PGP Shredder feature completely destroys files and folders so that even sophisticated file recovery software cannot recover them. While both the PGP Shredder icon and the Windows Recycle Bin (on Windows systems) or the Trash bin (on Mac OS X systems) appear on your desktop, only PGP Shredder immediately overwrites the files you specify so that they are not recoverable. If desired, specify a private key from your keyring to provide a Signature for the PGP Zip archive you are creating. This specified private key is used to digitally sign the PGP Zip archive being created. The recipient(s) can verify who the archive is from by verifying the digital signature using the corresponding public key. You can shred files using any of the following methods: 10 Using the PGP Shredder icon. Using the PGP toolbar. Using the Shred menu option in PGP Desktop. Using the Finder. confirmation dialog box is displayed, asking you to confirm that you want to shred (secure delete) the listed files and/or folders. 3 Shredding Files using the PGP Shredder icon Technical Support To shred a file or folder using the PGP Shredder icon 1 Locate the file or folder you want to delete securely. 2 Drag the file or folder onto the PGP Shredder icon. A confirmation dialog box is displayed, asking you to confirm that you want to shred (secure delete) the listed files and/or folders. 3 Click OK. The file or folder is deleted from your system securely. Click OK. The file or folder is securely deleted from your system. Symantec Technical Support maintains support centers globally. Technical Support’s primary role is to respond to specific queries about product features and functionality. The Technical Support group also creates content for our online Knowledge Base. The Technical Support group works collaboratively with the other functional areas within Symantec to answer your questions in a timely fashion. For example, the Technical Support group works with Product Engineering and Symantec Security Response to provide alerting services and virus definition updates. Tip: Create an Alias of the PGP Shredder icon on your desktop so you can shred files without having to locate the PGP Shredder icon in the /Applications folder. Then move the Alias to the Desktop (or Dock). Symantec’s support offerings include the following: Shredding Files using the Shred Files Icon in the PGP Desktop Toolbar A range of support options that give you the flexibility to select the right amount of service for any size organization Telephone and/or Web-based support that provides rapid response and up-to-the-minute information To shred a file or folder using the PGP Desktop Toolbar Upgrade assurance that delivers software upgrades Global support purchased on a regional business hours or 24 hours a day, 7 days a week basis Premium service offerings that include Account Management Services 1 Click the Shred Files icon in the toolbar. 2 Locate the file or folder you want to Shred, then click Shred. A confirmation dialog box is displayed, asking you to confirm that you want to shred (secure delete) the listed files and/or folders. 3 For information about Symantec’s support offerings, you can visit our Web site at the following URL: Click OK. The file or folder is securely deleted from your system. www.symantec.com/business/support/ All support services will be delivered in accordance with your support agreement and the then-current enterprise technical support policy. Shredding Files using the Shred Command from the File menu Contacting Technical Support To shred a file or folder using the Shred command 1 Select File > Shred. 2 Navigate to the file or folder you want to Shred, then click Shred. A confirmation dialog box is displayed, asking you to confirm that you want to shred (secure delete) the listed files and/or folders. 3 Customers with a current support agreement may access Technical Support information at the following URL: www.symantec.com/business/support/ Before contacting Technical Support, make sure you have satisfied the system requirements that are listed in your product documentation. Also, you should be at the computer on which the problem occurred, in case it is necessary to replicate the problem. Click OK. The file or folder is securely deleted from your system. When you contact Technical Support, please have the following information available: Shredding Files in the Finder To shred a file or folder in the Finder 1 In the Finder, locate the file or folder that you want to shred. 2 Ctrl+click the file or folder (or right-click it if you are using a two-button mouse) and select PGP > Shred. A 11 Product release level Hardware information Available memory, disk space, and NIC information Operating system Version and patch level Network topology Router, gateway, and IP address information Problem description: Error messages and log files Troubleshooting that was performed before contacting Symantec Recent software configuration changes and network changes Copyright and Trademarks Copyright (c) 2012 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, PGP, Pretty Good Privacy, and the PGP logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. Licensing and registration If your Symantec product requires registration or a license key, access our technical support Web page at the following URL: www.symantec.com/business/support/ Customer service Customer service information is available at the following URL: www.symantec.com/business/support/ Customer Service is available to assist with non-technical questions, such as the following types of issues: Questions regarding product licensing or serialization Product registration updates, such as address or name changes General product information (features, language availability, local dealers) Latest information about product updates and upgrades Information about upgrade assurance and support contracts Information about the Symantec Buying Programs Advice about Symantec's technical support options Nontechnical presales questions Issues that are related to CD-ROMs or manuals Support agreement resources If you want to contact Symantec regarding an existing support agreement, please contact the support agreement administration team for your region as follows: Asia-Pacific and Japan customercare_apac@symantec.com Europe, Middle-East, Africa semea@symantec.com North America, Latin America supportsolutions@symantec.com 12
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.6 Linearized : Yes Author : Symantec Corporation Comments : Copyright © 1996-2002 AuthorIT Software Corporation Ltd., all rights reserved...PGP User Guide Template Company : AuthorIT Software Corporation Ltd. Create Date : 2012:03:30 17:17:19-07:00 Keywords : 10.2 Modify Date : 2012:04:03 17:50:28-07:00 Language : en Tagged PDF : Yes XMP Toolkit : Adobe XMP Core 4.2.1-c041 52.342996, 2008/05/07-20:48:00 Producer : Acrobat Distiller 7.0.5 (Windows) Creator Tool : Acrobat PDFMaker 7.0.7 for Word Metadata Date : 2012:04:03 17:50:28-07:00 Format : application/pdf Title : PGP Desktop Quick Start Guide Creator : Symantec Corporation Subject : 10.2 Document ID : uuid:a16358b0-65c1-462d-805f-02224c91cbab Instance ID : uuid:d71d7ba4-f20b-4ae0-8861-0e7a11bf938c Page Layout : OneColumn Page Count : 12EXIF Metadata provided by EXIF.tools