While most of my applications are installed on my C: drive, one or two supporting programs and scripts are on other drives which are TrueCrypted and as such are considered ‘mounted’ drives by the OS and CIS. The upshot is that whenever the system is rebooted I have to tell CIS to allow activities for these programs the first time they run. The setting is remembered until the next reboot, when I have to tell it again.
I can understand the paranoia surrounding physically removable media, where today’s ‘H: drive’ might not be the same ‘H: drive’ as was plugged in yesterday, but in my case the drives and the data are physically inside the PC and are mounted automatically at boot time.
Is there any way to tell CIS, or more specifically Defense+, that these programs can be permanently trusted even though they’re on a ‘removable’ drive? Or will I have to move them to C: if I’m to avoid having to give permission each time?
I overwhelmed it (not speaking of UNC shares, there seems to be no way even if the ip of the network computer is trusted) with a crypted usb stick by making it seen as a fixed device using Hitachi Microdrive Filter (but in CIS 3, i didn’t make the test in CIS 5) and trusting not the drive itself (O:) altough i don’t care, i am the only physical user, but the path of the crypting executable (Folder Lock) on this stick.
I don’t know if you can find some way, speaking here of a virtual drive mounted from a physical one, to make this virtual drive seen as a fixed and trusted drive letter.
If it does not, alternative crypting solutions (Folder Lock or other) thus work, but do not encrypt “on the fly”.