Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 13 replies
  • Answers 4 answers
  • Subscribers 7 subscribers
  • Views 3800 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Safeguard

paresh palav

Hi Team,

We have built the SGN 8.1 Console and installed client in the test system.

 

We have made the encryption & decryption policy.

 

Now we want to assign the both policy at a time only required system are kept under decryption policy.

 

But when we checked the system RSOP then we are getting the result as below:

Can we change the policy execution policy priority for encryption and decryption.

 

 

 

 



This thread was automatically locked due to age.
Parents
  • +1

    Hi - It is best to create a policy to allow decryption and assign this to a group.

    Don't make computers a member of this group UNTIL to NEED to decrypt.

    It is pointless and not recommended to assign a client/computer an encrypt AND decrypt policy at the same time. 

     

    This old post of mine may help further - community.sophos.com/.../safeguard-enterprise-8-1-decrypt-files-and-uninstall

  • 0 in reply to MichaelMcLannahan

    Hi Micheal,

     

    We have testing this scenario due to below cases happen with our client:

     

    1. Suppose if there one system is encrypted with all drives protection and in feature if the system is crashed then we need to provide the harddisk to other recovery vendor for data recovery purposes.

    In recently one system is having two disk like c & d drive.

    In that system only c drive is accessible to the client and d drive data is not visible .

    Hecne he is asking for the decryption process.

     

    Can you suggest what is the best policy we can create here.

  • 0 in reply to paresh palav

    Hi Paresh - I am assuming you're talking about encrypted with BitLocker - Right?

    If so - I would supply the recovery company with the recovery key. They "should" know exactly how to mount a drive that's BitLocker enabled - to be honest if they don't....I wouldn't be trusting my business/data to them in the first place!

     

Reply
  • 0 in reply to paresh palav

    Hi Paresh - I am assuming you're talking about encrypted with BitLocker - Right?

    If so - I would supply the recovery company with the recovery key. They "should" know exactly how to mount a drive that's BitLocker enabled - to be honest if they don't....I wouldn't be trusting my business/data to them in the first place!

     

Children
Unfiltered HTML