mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-25 07:13:37 +00:00
74 lines
3.2 KiB
YAML
74 lines
3.2 KiB
YAML
### YamlMime:FAQ
|
|
|
|
metadata:
|
|
title: Frequently asked questions for Personal Data Encryption (PDE)
|
|
description: Answers to common questions regarding Personal Data Encryption (PDE).
|
|
author: frankroj
|
|
ms.author: frankroj
|
|
ms.reviewer: rafals
|
|
manager: aaroncz
|
|
ms.topic: faq
|
|
ms.prod: windows-client
|
|
ms.technology: itpro-security
|
|
ms.localizationpriority: medium
|
|
ms.date: 09/22/2022
|
|
|
|
title: Frequently asked questions for Personal Data Encryption (PDE)
|
|
summary: |
|
|
Here are some answers to common questions regarding Personal Data Encryption (PDE)
|
|
|
|
sections:
|
|
- name: Single section - ignored
|
|
questions:
|
|
- question: Can PDE encrypt entire volumes or drives?
|
|
answer: |
|
|
No. PDE only encrypts specified files.
|
|
|
|
- question: Is PDE a replacement for BitLocker?
|
|
answer: |
|
|
No. It's still recommended to encrypt all volumes with BitLocker Drive Encryption for increased security.
|
|
|
|
- question: Can an IT admin specify which files should be encrypted?
|
|
answer: |
|
|
Yes, but it can only be done using the PDE APIs.
|
|
|
|
- question: Do I need to use OneDrive as my backup provider?
|
|
answer: |
|
|
No. PDE doesn't have a requirement for a backup provider including OneDrive. However, backups are strongly recommended in case the encryption keys used by PDE are lost. OneDrive is a recommended backup provider.
|
|
|
|
- question: What is the relation between Windows Hello for Business and PDE?
|
|
answer: |
|
|
Windows Hello for Business unlocks PDE encryption keys during user sign on.
|
|
|
|
- question: Can a file be encrypted with both PDE and EFS at the same time?
|
|
answer: |
|
|
No. PDE and EFS are mutually exclusive.
|
|
|
|
- question: Can a PDE encrypted files be accessed after signing on via a Remote Desktop connection (RDP)?
|
|
answer: |
|
|
No. Accessing PDE encrypted files over RDP isn't currently supported.
|
|
|
|
- question: Can a PDE encrypted files be access via a network share?
|
|
answer: |
|
|
No. PDE encrypted files can only be accessed after signing on locally to Windows with Windows Hello for Business credentials.
|
|
|
|
- question: How can it be determined if a file is encrypted with PDE?
|
|
answer: |
|
|
Encrypted files will show a padlock on the file's icon. Additionally, `cipher.exe` can be used to show the encryption state of the file.
|
|
|
|
- question: Can users manually encrypt and decrypt files with PDE?
|
|
answer: |
|
|
Currently users can decrypt files manually but they can't encrypt files manually.
|
|
|
|
- question: If a user signs into Windows with a password instead of Windows Hello for Business, will they be able to access their PDE encrypted files?
|
|
answer: |
|
|
No. PDE encryption keys are protected Windows Hello for Business credentials and will only be unlocked when signing on with Windows Hello for Business PIN or biometrics.
|
|
|
|
- question: What encryption method and strength does PDE use?
|
|
answer: |
|
|
PDE uses AES-256 to encrypt files
|
|
|
|
additionalContent: |
|
|
## See also
|
|
- [Personal Data Encryption (PDE)](overview-pde.md)
|
|
- [Configure Personal Data Encryption (PDE) polices in Intune](configure-pde-in-intune.md) |