This document will provide information on the use of VeraCrypt with the Deep Freeze product line.
Veracrypt is an open-source drive encryption package that provides a number of ways to secure data on a client device. Depending on the configuration used customers may find that data saved to their encrypted volume is not retained after reboot.
Deep Freeze is a system restore application used to remove any changes to a system that is protected by Deep Freeze. Due to this if the encrypted volume for VeraCrypt is hosted on a frozen volume any change saved to the encrypted volume will be reverted back along with any other change to the host volume.
To ensure that any changes to the data on the encrypted volume are retained users will need to ensure the following;
- The option to “Keep newly discovered hard disk drives Thawed” in the Deep Freeze configuration is selected. This allows the encrypted volumes to be treated as thawed when they are mounted and visible to the operating system.
- The volume that physically hosts the data must be marked as thawed in the Deep Freeze Configuration.
Note - When encrypting an entire disk you may need to select the option to encrypt the device, not an existing partition on the volume as the existing partition may not be able to be marked thawed if it does not have a recognized file system. A screenshot below shows the device that should be selected when encrypting an entire physical volume;