NOTE: If your system is dual-boot or features a utility partition (recovery or Dell Media Direct) it is not compatible for PGP Whole Disk Encryption. If you have a Dell Inspiron M1210, Dell E5400 or Dell XPS please call AskIT at 205-996-5555 before attempting to encrypt your machine with PGP.
Please review the list of devices that are incompatible with PGP.
To successfully install and configure PGP, you will need the following:
- Administrative privileges
- An active connection to the Internet
- A physical keyboard - tablets without keyboards are unable to use the software
- One of the following operating systems: Windows 7, Windows Vista, XP Home or Professional 32-bit (SP2/SP3), XP Pro 64-bit (SP2), XP Tablet 2005, Windows 2000 (SP4)
- 512MB RAM
- 64MB hard disk space
Prepare Your Computer
- Back up your data - Prior to downloading or installing any encryption software such as PGP, be sure to back up your data to a trusted source. Devices such as external drives, CDs, DVDs and network drives are recommended for storage of important documents. it would also be a good idea to ensure that your have the ability to reinstall any important software if any data loss should actually occur.
- Defragment - Prior to encryption, you may wish to defragment your computer to speed up the encryption process. To do so, click the Start menu. Point to Programs>Accessories>System Tools, and then click Disk Defragmenter. Click the Analyze button; a report will appear telling you whether or not defragmentation is recommended. If it is, click the Defragment button to begin; if not, close Disk Defragmenter and proceed to the next step.
- Check the disk for disk errors - Under normal operation, many hard drives do not exhibit any signs of corruption or flaws, but when the data on the drive is encrypted, those issues can present a greater problem leading to file corruption, and in some cases complete loss of the operating system. In order to identify and correct these issues before any loss is incurred, SpinRite was purchased for the campus and is available on the IT Software Library site for faculty and staff. The software will assist you in creating a bootable CD that will scan and correct any disk errors. This step is optional, but is also highly recommended.
- Check power and network connections - Before installing, be sure your computer is plugged into a wall outlet and has an active network connection.
Download and Install PGP Software
- Go to the UAB Software Library, located at www.uab.edu/it/software. Locate the appropriate PGP software and click to begin downloading.
- Prior to installation, be sure to close all running programs and save anything you are working on.
- Navigate to where you saved the software and launch the PGP installer. In the PGP Desktop window, select English.
- Read the licensing agreement, select "I Accept" the licensing agreement, and click Next.
- Click Nextagain.
- The installer will start copying files into place.
- Click Yes to reboot. When the computer has rebooted and you log in, the PGP Setup Assistant should automatically appear.
- When prompted for domain credentials, enter your BlazerID and password.
- Select "I am a new user", and click Next.
- Click Next.
- The next box to pop up will be a prompt to create a passphrase user. Enter the username and password you use to log into your system. In many areas of campus, this is also your BlazerID and password with a domain of UAB.
- The program should begin to automatically encrypt the disk in the background while you go about your normal work. Note: Encryption may take up to eight hours. If necessary, you can shut down the computer (Start>Shutdown>Turn off computer), but DO NOT abruptly power off the system.
- When the encryption of the boot drive is complete, the lower icon will become a solid padlock.
- From this point on, prior to booting Windows, you will receive a gray PGP boot screen in which you are prompted to enter the passphrase that you entered during setup. Entering a correct passphrase permits access to the machine and will log you into the Windows operating system through the single sign-on feature.
Although rare, situations have occurred where a hard drive encrypted with PGP does not boot. To assist in recovery of these drives, the creation and use of a PGP Boot Disk is highly recommended.
Please note that each version of PGP requires a boot disk unique to the particular version in use on the client. For example, if you attempt to use a 9.6 recovery disk to decrypt a disk protected with PGP Whole Disk Encryption 9.9 software, any data on the PGP Whole Disk Encrypted 9.9 disk will be unrecoverable.
Note: If you do not remember the recovery passphrase, please contact the help desk, AskIT, by email AskIT@uab.edu, or by phone, 205-996-5555.
Create a Recovery Boot Disk
- Download the appropriate ISO file from the Symantec archives:
a) Version 10.x: http://www.symantec.com/business/support/index?page=content&id=TECH152604
b) Version 9.X: http://www.symantec.com/business/support/index?page=content&id=TECH148915
- Burn the ISO to a CD, label it appropriately and store it in a safe place.
Using a Recovery Boot Disk
- Insert your Recovery CD into the computer's CD drive.
- Reboot the computer and boot to the CD.
- When the login screen appears, enter the recovery passphrase for the encrypted drive and press Enter to begin decryption. This operation can take many hours and the system should not be powered off.
- Once the process is complete, the system should start as normal. If the operating system still does not boot, proceed with your operating system repair or data migration process.
Using a Recovery Workstation
If you have the resources or equipment available, the hard drive from the system that will not boot can be accessed by a workstation that has PGP installed on it. Simply connect the device using a USB hard drive bay or adapter, and enter a passphrase associated with the drive. Once the hard drive is mounted to the recovery system, files can be recovered by moving them or by decrypting the hard drive.
If you experience any issues with PGP, please report them to the help desk, AskIT, by email at AskIT@uab.edu, or by phone at 205-996-5555. Please be sure to provide the following information:
- Error messages
- Computer make and model
- Internet connection type
- PGP installer version
- Estimated time of occurrence (if possible)
Common Solutions to Installation Issues
- Verify that you are an administrator of the system on which you are attempting to install PGP.
- Open your web browser and ensure that you have Internet connectivity by opening a website.
- Be sure that you have a current installation package for PGP Desktop. Visit www.uab.edu/it/software for the latest installation files.
- Ensure that you are using your BlazerID and strong password for the PGP Enrollment credentials.
Common Solutions to Password Related Issues
- Verify that Caps Lock is not on while authenticating.
- If you recently changed your account password, you may have to provide the old password until you log in to the system with your new password.
- If the previously mentioned steps do not resolve your issue, you should call the AskIT Help Desk to request a PGP recovery token for the system or portable device. A recovery token is a one-time password that will allow you to bypass PGP, but it will not bypass the operating system password; you are still required to log in.
Common Solutions to Boot/Startup Related Issues
- Ensure that a keyboard is connected to the system. Systems such as tablets without physical keyboards will not be able to authenticate on the PGP boot screen.
- Remove any CDs, DVDs or USB drives from the system. Many of these devices have features that allow them to start before the system hard drive.
- Does the system have multiple operating systems or Dell Media Direct? If so, then you will need to contact your support personnel to assist you with the recovery of your hard drive. Please note that PGP should never be installed on systems with multiple operating systems, as it will render the system inoperable.
- See the PGP Recovery documentation for further support.
Antivirus software protects your computer from malicious files and exploits by scanning files on access and creation. The effectiveness of the antivirus software's ability to detect malicious files is based on the definition files that are updated seveeral times a day by the manufacturer. Therefore, it is important that the antivirus software is updated regularly to detect the latest threats.
To schedule an appointment to have your laptop encrypted, please contact the AskIT help desk at 205-996-5555. The following procedures will be performed on your laptop or notebook computer:
- Backing up your data
- Verifying or installing antivirus software
- Updating antivirus definitions and scanning for viruses
- Scanning with hardware diagnostic software
- Installing operating system updates
- Defragmenting the hard drive
- Encrypting your laptop
Please be advised:
- If you have a dual-boot (dual operating system), Dell Inspiron M1210, Dell E5400, Dell XPS, Dell Media Direct, Mac, Linux or IBM system, please call AskIT at 205-996-5555 before scheduling an appointment.
- You will need to bring your power supply with your laptop.
- The AskIT (CEC 225) location is open Monday, Tuesday, Thursday and Friday 8:00 a.m. - 5:00 p.m. and Wednesday 8:30 a.m. - 5:00 p.m.
- It will take approximately 15 minutes to fill out the paperwork when you drop off your laptop computer, and approximately five minutes to complete the paperwork when you pick it up.
- The duration of the appointments (from the time you drop your laptop computer off, to the time you pick it up) are approximately 1-3 business days. If you come after 11:00 a.m. on the day of your appointment, the duration of your appointment may two business days.
BlazerID Login Required: In order to schedule a Health Check appointment you will need to login with your BlazerID and strong password. If you are unable to login, please visit BlazerID Central and choose "Activate Accounts" to determine whether you have a "strong "password. If you are unable to Activate Accounts successfully, please return to BlazerID Central and choose "Change BlazerID Password" to reset your password to a "strong" password. If you have any questions or concerns during this process, please call AskIT at 205-996-5555 for assistance.
Please feel free to contact us with any questions through our help desk, AskIT, by email or phone at 205-996-5555.
NOTE: Do not encrypt your boot disk if you currently use, or plan to use Bootcamp to run a Windows operating system on your Mac. Also, there is a known incompatibility with Sophos and FileVault on Mac OS X 10.5.x. If you choose to use FileVault please do not install Sophos Antivirus at this time.