Secure File Service

File folder with chain and padlock.

Secure File is a service providing whole disk encryption on Windows desktops and laptops, and CIFS file share encryption on designated file servers. This service addresses the requirements for securely storing Category 1 - Restricted Data and/or Personally Identifiable Information.

Symantec Encryption Desktop

The Symantec Encryption Desktop software package installs all of the products required for encryption:

  • PGP Keys
  • PGP Disk (Symantec Drive Encryption)
  • File Share Encryption (commonly referred to as netshare)

The Symantec Encryption Management Server PGP product provides key management for both components.

Access to the Symantec Encryption Desktop software package is restricted to IT Staff at UB.  Please choose "Secure File Service" on this webform to setup a consultation for use of this service, or for service requests including file restorations.

Symantec Drive Encryption

The Symantec Drive Encryption (SDE) product locks down the entire contents of a laptop, desktop, external drive, or USB flash drive, including boot sectors, system files, and swap files. SDE can also be used to encrypt just the boot partition or Windows partitions. The software produces a set of unique encryption keys for the client machine encryption and decryption. An alternate pass phrase or one use only key may be used for data recovery should a user’s pass phrase for a client be unavailable. The Encryption Management Server availability is not necessary for SDE to encrypt and decrypt.


Symantec Drive Encryption is not compatible with Mac OSX or Windows 8

Symantec File Share Encryption

The Symantec File Share Encryption (SFSE) product provides transparent, end-to-end encryption for shared file storage.  Symantec File Share Encryption enables people to share protected files in a shared space. Encryption can be accomplished via individual keys or via a group key. The CIT Encrypted File Service will provide CIFS file share server space to authorized people using group key encryption. The CIFS file share server(s) will be used solely for the encrypted file service. Individual and group File Share Encryption keys will be stored only on the Encryption Management Server, and will not be stored on end user computers. The Symantec Encryption Management Server product accessibility is required for File Share Encryption to function.  

Frequently Asked Questions

  • What happens when a password is changed?
    • If the password is changed then you may have to log in with your old password to unlock the drive and boot once until it syncs.
  • How can I ensure my files are being backed up each day?
    • Be sure to save and close your files before leaving for the day. PGP does not allow open files to be backed up.   
Still need help?

Contact the UBIT Help Center.