Self-Encrypted Drives with Encrypted Hard Drive Do Not Allow Encryption Management

Affected Products:

• Dell Encryption Enterprise

Affected Operating Systems:

• Windows 11
• Windows 10
• Windows 8.5
• Windows 8
• Windows 2019 Server
• Windows 2016 Server
• Windows 2012 Server

Not Applicable

Encrypted Hard Drive and Encryption Management

Self-Encrypted drives with the Encrypted Hard Drive feature do not allow encryption management by third-party software such as WinMagic SecureDoc or Symantec Endpoint Encryption.

Users may state that the drive does not allow deletion of the encryption key (crypto-erase) by the same software, or by drive management programs such as SeaTools.

This behavior has been documented on the OptiPlex 9020 AOL with a Seagate ST500LM020.

Working Within Design Parameters

This behavior is working as designed. The Encrypted Hard Drive feature takes default ownership of the Self-Encrypted Drive (SED), which prohibits third-party software from locally managing the device.

Only Windows BitLocker can be used for encryption.

In order for Encrypted Hard Drive to be active, three components are required:

• An SED that is Trusted Computing Group (TCG) OPAL Security Subsystem Class 2 (Opal 2) and IEEE-1667 compliant (IEEE 1667 "the Standard Protocol for Authentication in Host Attachments of Transient Storage Devices")
• A computer platform with Unified Extensible, Firmware Interface (UEFI) 2.3.1
• Windows 8.x (imaged through UEFI)

WinMagic SecureDoc and Symantec Endpoint can incorporate the Encrypted Hard Drive feature into its network encryption management through BitLocker.

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.