Cibecs Endpoint Cloud leverages EFS (The Encrypted File System available in Microsoft Windows Operating Systems) to encrypt the files on the user’s computer.
Customers running Kaspersky Antivirus may have their encrypted files corrupted due to a bug in Kaspersky 10 SP2 and earlier versions that corrupt EFS files after scanning.

Cause
It is important to note that the corruption of files is caused by a known issue in Kaspersky Endpoint Security version 10 SP2 and earlier as documented on the Kaspersky Knowledge Base:
PF1369, PF1536 Files encrypted by EFS are corrupted after scanning

Impact
When running Kaspersky Version 10 SP2 or earlier will corrupt all files encrypted by EFS. 
This affects:
  • User’s choosing to enable the encryption option (from Windows explorer) on their files.
  • Endpoint Cloud customers with the DLP encryption option enabled where Endpoint Cloud is managing the encryption of user devices.
  • Any other product or service that leverages EFS to encrypt the user’s files.
Solution
  • Kaspersky has no documented solution for users that have already been affected by this. We are currently awaiting a response from Kaspersky Support. We have created a lab environment and we are currently investigating a recovery process.
  • It is important to ensure that a later version than Kaspersky 10 SP2 is running before enabling encryption.
  • It is also recommended that Endpoint Cloud customers allow backups to be completed for each user before enabling encryption.