File is decrypted (but padlock remains) when copied from a shared resource drive to another client

Technical Articles ID: KB69849
Last Modified: 5/28/2019

Environment

McAfee Endpoint Encryption for Files and Folders (EEFF) 4.2.x
McAfee File and Removable Media (FRP) 5.x, 4.3.x

Microsoft Windows 7
Microsoft Remote Desktop Protocol (RDP)

Problem

Encrypted files copied to another computer via RDP become decrypted.

If you access an FRP or EEFF client, installed via Microsoft Remote Desktop, from another FRP or EEFF client with all drives shared, and then copy an encrypted file from the shared drive to the other FRP or EEFF client, the file is decrypted but the file retains the FRP or EEFF encryption padlock icon.

Solution

This issue has been deferred to be resolved in a future product release. This article will be updated when newer information is available.

As a temporary measure, implement the workaround shown below.

To receive email notification when this article is updated, click Subscribe on the right side of the page. You must be logged on to subscribe.

To receive information about McAfee product updates, sign up for the Support Notification Service at https://sns.secure.mcafee.com/signup_login.

Workaround

To work around this problem, use the FRP/EEFF Blocked Processes option in the Encryption Options policy.

Extracted from the FRP Product Guide (PD26185)

Blocked Processes
Blocks the specified processes from opening encrypted files. FRP blocks a process by withholding the keys required to decrypt the files.

By listing the application process name as Blocked in the EEFF or FRP policy, files will not be decrypted for these applications when called upon. Instead, the files are given in an encrypted state.

Log in to ePO console and edit the FRP policy settings.
Click Menu, Policy, Policy Catalog, then select File and Removable Media Protection from the Product drop-down list.
Select the category from the drop-down list. All created policies for the selected category appear in the details pane.
Under Blocked Processes, add the following process to block: rdpclip.exe
Under Blocked Processes, also add the following process to block: mstsc.exe.
Save the policy.
Send an Agent Wake-up call.

Related Information

For a related topic where files do not remain encrypted when transferred over a socket communication, see KB68994.

Affected Products

File and Removable Media Protection 5.0.x
Known Issue/Product Defect

Glossary of Technical Terms

Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.

Knowledge Center

Environment

Problem

Solution

Workaround

Related Information

Affected Products

Glossary of Technical Terms

Title

Title

Featured Solutions

Explore Our Portfolio

Security Outcomes

Industries

Products

Featured Solutions

Explore Our Portfolio

MVISION Products

Services & Training

Threat Research

Our Researchers

Threat Landscape Dashboard

Tools

Contact Us

Resources

Downloads

Product Help

Connect with Us

Explore

Our Company

Our Efforts

Other Resources

Careers

Partnerships

Knowledge Center

Environment

Problem

Solution

Workaround

Related Information

Affected Products

Glossary of Technical Terms

Choose your region

Title

Title