Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 4379 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to "recover" files encrypted with personal/wrong key?

Paul Hutchings

We're evaluating SSG 8 (latest download when registering) and so far so good but I have a question:

Suppose I setup "Bob" with a personal key.

Bob writes a bunch of files to a folder somewhere which are encrypted using that key.

Bob leaves, we can see the file(s) but Bobs AD account no longer exists.

As we have the key in SafeGuard I know (I think!) we can somehow decrypt and encrypt with a different key, but I cannot find how.

Can anyone help please?



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hey Paul,

    Many thanks for the question.

    When a user encrypts with a PERSONAL Key the files are only accessible to them as an active personal key cannot be assigned to other users.

    In the scenario you mentioned the best key to be using is a LOCAL Key, which can be re-assigned if the user is unavailable/leaves the company.

    I hope that helps.

  • 0 in reply to FormerMember

    Toby, thanks for responding, sitting in front of the 400 page PDF manual now :)

    I saw one of your "best practice" guides suggested starting off with an "organisation key" - do you typically suggest using one of the pre-created keys for this, or creating a new key and assigning it to the relevant parent OU?

  • FormerMember
    0 FormerMember in reply to Paul Hutchings

    Yes there's a lot in there! :) But fear not, not all of it will be relevant depending on how you're using the product.

    I'd recommend using a new key that you create specifically for a purpose and name it accordingly, ie: "SALES_KEY", "ACCOUNTS_KEY".
    You can then assign it as needed to your desired OU and it'll be easy to see if someone has the wrong key.

    Hope that helps.

  • 0 in reply to FormerMember

    Thanks Toby, makes sense.  Next question :)  We're on 8.00.0.280

    We need location based encryption as we need to ensure files written to specific network locations are encrypted regardless of the app being used.

    So, we install the test clients with that enabled, which means "synchronised" encryption is not enabled.

    This seems to remove the ability to use the Outlook plug-in?  I read a post on here from September that suggested the Outlook plug-in is planned to be available for location based encryption clients with the "next release", do you have timescales on that please?

    Also (and I hope this is a simple one), where is the option to simply allow clients to right-click a file and create a standalone encrypted file which can be sent via FTP or whatever other means?  I'm sure it was in the webinar I saw...

    Thanks :)

Unfiltered HTML