From 42c78fe967d9c53f84f1c9efa65be6d6006068ab Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Fri, 16 Sep 2022 15:53:57 -0400 Subject: [PATCH] Update PDE Docs 8 --- .../personal-data-encryption.md | 26 ++++++++++++++++--- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/windows/security/information-protection/personal-data-encryption.md b/windows/security/information-protection/personal-data-encryption.md index 08f43feab3..4376282469 100644 --- a/windows/security/information-protection/personal-data-encryption.md +++ b/windows/security/information-protection/personal-data-encryption.md @@ -205,11 +205,11 @@ There's also a [PDE CSP](/windows/client-management/mdm/personaldataencryption-c The main difference between encrypting files with PDE instead of EFS is the method they use to encrypt the file. PDE uses Windows Hello for Business to secure the encryption keys that encrypts the files. EFS uses certificates to secure and encrypt the files. -To see if a file is encrypted with PDE or EFS +To see if a file is encrypted with PDE or EFS: -1. Open the properties of the file. -2. Under the **General** tab, select on the **Advanced...** button. -3. In the **Advanced Attributes** windows, select on the **Details** button. +1. Open the properties of the file +2. Under the **General** tab, select **Advanced...** +3. In the **Advanced Attributes** windows, select **Details** For PDE encrypted files, under **Protection status:** there will be an item listed as **Personal Data Encryption is:** and it will have the attribute of **On**. 
@@ -217,4 +217,22 @@ For EFS encrypted files, under **Users who can access this file:**, there will b Encryption information including what encryption method is being used can be obtained with the command line **cipher.exe /c** command. + +## Disabling PDE and decrypting files + +Currently there's no method to disable PDE via MDM policy. However, PDE can be disabled locally and files can be decrypted using **cipher.exe**. Additionally, in certain scenarios a user may be able to decrypt a file using the following steps: + +1. Open the properties of the file +2. Under the **General** tab, select **Advanced...** +3. Uncheck the option **Encrypt contents to secure data** +4. Select **OK**, and then **OK** again + +> [!Important] +> Once a user selects to decrypt a file, they will not be able to encrypt the file again. + +## Windows out of box applications that support PDE + +- Mail + - Supports encrypting both email bodies and attachments + ## Next steps \ No newline at end of file
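Review bot: In the first hunk (@@ -205,11 +205,11 @@), the rewritten step 3 still reads "In the **Advanced Attributes** windows"; this is a single dialog, so it should be "window". Since the line is already being touched, fix it here: "3. In the **Advanced Attributes** window, select **Details**". The hunk also drops the terminal periods from all three steps; check that this matches the punctuation of the other numbered lists in this file so the page stays consistent.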
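Review bot: In the second hunk (@@ -217,4 +217,22 @@), the new "Disabling PDE and decrypting files" section says PDE "can be disabled locally and files can be decrypted using **cipher.exe**" but gives no command line for either action; the only invocation visible in this part of the file is "cipher.exe /c", which reports encryption information. Add the exact command(s) or a link to them, and state how disabling PDE locally is done, since the sentence treats it as a separate action from decrypting files. "In certain scenarios a user may be able to decrypt a file" should name the scenarios, because an administrator reading this needs to know when a user can strip protection on their own. The Important note, "they will not be able to encrypt the file again", should say whether this means the user cannot manually re-encrypt that file through the same dialog or that the file can never be PDE-protected again. Finally, the file still ends without a trailing newline ("\ No newline at end of file").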