diff --git a/keepercommander/__init__.py b/keepercommander/__init__.py
index 50157b85f..577e949c3 100644
--- a/keepercommander/__init__.py
+++ b/keepercommander/__init__.py
@@ -10,4 +10,4 @@
 # Contact: ops@keepersecurity.com
 #
 
-__version__ = '16.11.11'
+__version__ = '16.11.12'
diff --git a/keepercommander/commands/utils.py b/keepercommander/commands/utils.py
index 3265fe18a..9a5934bc8 100644
--- a/keepercommander/commands/utils.py
+++ b/keepercommander/commands/utils.py
@@ -753,12 +753,15 @@ def execute(self, params, **kwargs):
 
         if params.session_token:
             SyncDownCommand().execute(params, force=True)
-            if params.breach_watch:
-                BreachWatchScanCommand().execute(params, suppress_no_op=True)
-            if params.enterprise_ec_key:
-                SyncSecurityDataCommand().execute(params, record='@all', suppress_no_op=True)
             if params.is_enterprise_admin:
                 api.query_enterprise(params, True)
+            try:
+                if params.breach_watch:
+                    BreachWatchScanCommand().execute(params, suppress_no_op=True)
+                if params.enterprise_ec_key:
+                    SyncSecurityDataCommand().execute(params, record='@all', suppress_no_op=True)
+            except Exception as e:
+                logging.warning(f'A problem was encountered while updating BreachWatch/security data: {e}')
 
 
 class CheckEnforcementsCommand(Command):
@@ -1328,7 +1331,12 @@ def get_security_data(record, pw_obj):     # type: (KeeperRecord, Dict or None)
                     # truncate domain string if needed to avoid reaching RSA encryption data size limitation
                     sd_data['domain'] = domain[:200]
             if sd_data:
-                sd.data = crypto.encrypt_rsa(json.dumps(sd_data).encode('utf-8'), params.enterprise_rsa_key)
+                try:
+                    sd.data = crypto.encrypt_rsa(json.dumps(sd_data).encode('utf-8'), params.enterprise_rsa_key)
+                except Exception as e:
+                    logging.error(f'Error: {e}')
+                    logging.error(f'Enterprise RSA key length = {params.enterprise_rsa_key.key_size}')
+                    return
             sd.uid = utils.base64_url_decode(record.record_uid)
             return sd
 
@@ -1389,6 +1397,8 @@ def has_stale_security_data(record):
             to_update = [(r, p) for r, p in to_update if has_stale_security_data(r)]
 
         sds = [get_security_data(r, s) for r, s in to_update] if to_update else []
+        # Remove empty security-data update requests (resulting from failed RSA encryption)
+        sds = [sd for sd in sds if sd]
         while sds:
             update_security_data(sds[:update_limit])
             sds = sds[update_limit:]