Protective Enclave FAQ

The following are answers to questions that you may have when using the Protective Enclave.

NOTE: Because the Protective Enclave uses MFA to authenticate, check the MFA FAQ if your question relates to authentication.

Questions:

• How do I log into the Protective Enclave?
• Once logged in, can I stay logged in all day?
• I receive documents that contain vendor bank information (bank name, account name, ABA routing number, account number). This information is used to make payments to the vendor, either by check or direct deposit. Do I need to move these docs to my PE docs folder?
• When using Core-CT, what activities must be done from inside the Protective Enclave?
• How do I access my Banner Folders in the Protective?
• How do I save a file when using Internet Explorer?
• Why am I seeing a timeout message appear after logging into the Protective Enclave?
• I accidently clicked the X in the upper-right hand corner of the Protective Enclave Desktop window. Did I lose what I was working on?
• Is there a maintenance window when I shouldn't be working in the Protective Enclave?
• I thought all files were shredded in the Enclave-Transfer library nightly. Why are some files still there the next day?
• My Protective Enclave Desktop just disappeared for no reason even though I was actively working in it. Why?
• What happens when I am logged on to a machine and start a new session on another machine?
• How do I make the Protective Enclave Desktop window full screen, restore to a window or span dual monitors?
• How do I add to my IE Favorites bar when I'm working in the Protective Enclave?
• What is Request DLP bypass on the Data Loss Prevention pop-up?

Answers:

•  How do I log into the Protective Enclave?

For detailed instructions on how to access the Protective Enclave, check out the Logging into the Enclave page.

•  Once logged in, can I stay logged in all day?

Yes, typically, you can log in at the beginning of your work day and minimize the Protective Enclave Virtual desktop window when you are not using it throughout your day. You will only use your NetID and password to unlock the Protective Enclave Virtual desktop if the screensaver kicks in - you won't need to reauthenticate each time using MFA. At the end of your work day, remember to sign out of the Protective Enclave Virtual desktop to before you log out of your local workstation.

•  I receive documents that contain vendor bank information (bank name, account name, ABA routing number, account number). This information is used to make payments to the vendor, either by check or direct deposit. Do I need to move these docs to my Enclave-Docs folder?

Documents that contain a bank's name, ABA routing number and an account number that is used for making vendor payments (via check or direct deposit) and cannot be used for withdrawing funds is not DCL3 data. Typically, this information is being provided to you from the vendor via email and is often also published on their websites. Use this to make your decision as to whether or not to move the docs to the PE: If it's publicly available information for a bank account that is used only to make deposits, then it does not need to be moved to the PE.

•  When using Core-CT, what activities must be done from inside the Protective Enclave?

Work completed by anyone maintaining employee records in Core-CT (e.g. Workforce Administration, benefits, Time and Labor, and Payroll) must be done within the Protected Enclave. Restricting access to Core-CT to the Protected Enclave for employee administration purposes, will mitigate the exposure of sensitive DCL3 data.

Employees maintaining their own personal information, entering time, or approving time can access Core-CT outside of the Enclave.

•  How do I access my Banner Folders in the Protective?

For detailed instructions on how to access your Banner Folders from the Protective Enclave, check out Working in the Enclave page.

•  How do I save a file when using Internet Explorer?

When you are viewing the page you want to save, click the wheel icon - File - "Save as...":

 

NOTE: Ctrl + S is disabled and will not work in the Protective Enclave.

•  Why am I seeing a timeout message appear after logging into the Protective Enclave?

Once logged into the Protective Enclave Virtual Desktop, you can simply close the browser window connected to the Citrix Receiver to avoid seeing the session timeout warning. If you don't close it, you'll notice it will warn you it will be timing out soon:



and then it will timeout due to inactivity:



You can either let it timeout (seen above) or you can choose to close the browser window once you are connected to the Protective Enclave:


NOTE: If you log out of the Citrix session (using Log Off), you will disconnect from the Protective Enclave Desktop.

•  I accidently clicked the X in the upper-right hand corner of the Protective Enclave Desktop window. Did I lose what I was working on?

If you accidently click the X in the upper-right hand corner of the Protective Enclave Desktop:



It may show you the following popup:

 

It is recommended that you do not enable the "Don't ask me again." If you accidentally clicked the X to close the window, the popup will alert you that you are about to disconnect from the Protective Enclave Virtual Desktop. If you do disconnect, in order to not lose any unsaved work, you must reconnect to the Protective Enclave Desktop within 10 minutes. Reconnecting after 10 minutes will result in losing any unsaved work.

NOTE: Disconnecting by clicking the X as shown above is not the proper way to close your Protective Enclave Desktop. Instead, when you are done for the day, you will want to save any unfinished work and Sign Out.

•  Is there a maintenance window when I shouldn't be working in the Protective Enclave?

Yes. There is a scheduled, weekly maintenance window on Sunday morning from 2AM to 4AM that you may be disconnected even from an active Protective Enclave Desktop session. We highly recommend you do not work in the Protective Enclave during this time and close and save any work before 2AM on Sunday.

•  I thought all files were shredded in the Enclave-Transfer library nightly. Why are some files still there the next day?

There is a max file size for files that can be shredded. Files larger than the max file size cannot be shredded and will remain in the Enclave-Transfer library, logged and steps will be taken to address the situation.

•  My Protective Enclave Desktop just disappeared for no reason even though I was actively working in it. Why?

There are two common situations where an active Protective Enclave Desktop would disappear:

• During the scheduled, weekly maintenance window: Sunday 2AM - 4 AM. Note that any work that was being done may be lost.
• When the same account that was used to connect to the Protective Enclave is used to open another Protective Enclave Desktop (for example it is launched from another workstation). There can only be one Protective Enclave Desktop open at a time per user, therefore if a second one is launched, the first one will disconnect without any error, popup or warning. Since it's the same user launching the Protective Enclave Desktop, whatever application was being worked on from the first Protective Enclave Desktop will be right where it was left off when the first Protective Enclave Desktop "disappeared".
  

•  What happens when I am logged on to a machine and start a new session on another machine?

There can only be one Protective Enclave Desktop open at a time per user, therefore if a second one is launched on another workstation by the same user, the first one will disconnect without any error, popup or warning. Since it's the same user launching the Protective Enclave Desktop, whatever application was being worked on from the first Protective Enclave Desktop will be right where it was left off when the first Protective Enclave Desktop "disappeared".

•  How do I make the Protective Enclave Desktop window full screen, restore to a window or span dual monitors?

Steps are shown in the Navigating Around page.

•  How do I add to my IE Favorites bar when I'm working in the Protective Enclave?

If you try to use the star icon to add the current site to the favorites bar you will see an error:



Instead, click and hold the icon to the left of the URL and then drag it to the Favorites bar:

•  What is Request DLP bypass on the Data Loss Prevention pop-up?

When a file is flagged as containing DCL3, the McAfee Data Loss Prevention popup has a link to a 'Request DLP bypass'


Currently, the link to 'Request DLP bypass' is not used by CSCU. If a file is flagged as containing DCL3 and is a false positive, work with your local IT department to allow the file to be allowed out of the Protective Enclave.

This FAQ was last updated: Thursday, March 1, 2018