SGN Data Exchange

Hi,

I have a deployment for SGN Data Exchange that comes with the below scenario:

1. File based encryption

2. 1 key, preferably applied to all SGN DX installed clients

3. The encrypted pen drive is accessible on a PC without the SGN client by keying in a password using SG Portable

Anyone, advice please...

Thanks.

  • Well, this isn't difficult at all. This is the simplest method and honestly safest with the least impact to your users; it allows data to flow in but not out of the company.

    First create a ROOT KEY specific to your media, so for example create a new key to be inherited on the root level as "ENC_MEDIA_KEY" or something along those lines.

    Next go to your root policy and create a new policy item for device protection: choose the target as removable media, set media encryption mode as file based, set algorithm as AES-256, set the key to be used as a defined key on list, and on the list specify the key you created in the first step. This will sign ALL your USB keys and files with the same key; all users will get that key as long as they have an "authorized" machine with a DX license.

    Set the rest of the file settings as you need them. Warning though: SG Portable allows the users to sign the files with an alternate local key they specify with a symmetric password, meaning they can decrypt the file on the flash drive as needed. If that's the behaviour you want then train your users; if not then don't use SG Portable and tell them they need to use an authorized company computer to access the data, PERIOD.
