Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 5 subscribers
  • Views 17045 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SafeGuard File Encryption

Pawel

Hi,

I'm setting up file encryption for data server locattion

Required access is few IT operators from their workstations + AV installed on the data server + cabkup software instralled on the data server - this is all set up and OK.

We also require access for separate server whcih processes the files some way... the server service is run on separate machine as somain user and is initiated from IT workstation where client is run periodicaly.

How can i either exclude that service or give the domain user which runs the service appropriate key and policies (is it possible?)

thanks

pawel

:55812


This thread was automatically locked due to age.
  • 0

    Will that service need access to the content of the files or is it just moving them?

    :55814
  • 0

    it will need access to content, will create new files, delete files etc.

    :55816
  • 0

    The other question would be....

    I have Trusted Application configured in General Settings of my policy applied at root level. When I set up the path there where it relates to? Will it trust all applications from the server fhere encrypted share exists only? Will it trust applications from the clients PCs (where SafeGuard clients are installed)?

    :55818
  • 0

    I *think* it just trusts the exe that is specified. I havent used it at a full level yet.

    I think to achieve what you want to do you would probably need File Share installed on the device where the application was running.

    :55825
  • 0

    Hi Pawel,

    if the additional server requires access to the encrypted files, you have to install the SafeGuard File Share Client on this machine too. In addition to that, this machine needs the appropriate encryption policies and access to encryption keys used to protect the shares.

    When the "Trusted Application" policy setting was configured and the policy is applied on the root level, the policy setting affects all SafeGuard Clients with an installed File Encryption module (File Share, Data Exchange or Cloud Storage).

    Regards,

    ChrisD

    :55826
  • 0

    Hi, thanks for replies.

    How can i install minimum what's required on this server to only pass the policy containing Trusted Applications?

    I don't want other components etc, I.E. login /. authentication checking.

    When I installed the client on the testbed machine using only File Encryption component I still wasn't able to login with local administrator - is that due to some policy / which one? If I have all policies applied on the root level can I apply different policy to exclude this authentication?

    thanks

    p

    :55975
Unfiltered HTML