File Share Encryption

 View Only
  • 1.  Forcing a PGP key onto keyrings

    Posted Oct 10, 2016 11:42 AM

    Does anyone know a way to make sure that a specific key be automatically added to every keyring in an organization?

    I have an ADK, but using the DLP-PGP endpoint agent integration, I can only add an alternate PGP group admin to the PGP ACL if the key already exists on the endpoint's keyring. It could be any key, but in my case, this would be a PGP group key.

    I would just like to make sure that every keyring in the org contains a key or keys specified by the PGP admin.



  • 2.  RE: Forcing a PGP key onto keyrings

    Posted Oct 25, 2016 08:41 AM

    Looking into this more I see that I can add an ADK to each group and it will automatically appear on the keyrings, but the problem with this is that the ADK added is just a public key and only good for encryption, not decryption.

     

    I can add a key pair to each group as a group key, but I can't add the same key pair to every group and even if I could, the group key isn't automatically on the keychains.

     

    What I need is for one user to encrypt data using their own key and a group keypair and have every other user in the organization be able to decrypt the file without using an ADK.



  • 3.  RE: Forcing a PGP key onto keyrings

    Posted Nov 08, 2016 08:30 PM

    You should setup fileshare encryption. It's a feature of Symantec Encryption Desktop. You would be able to create encrypted fileshares where anything that is dropped into that fileshare is encrypted in a way that a group of users can access it. You can add individual keys and group keys at well. As fileshare administrator, you can set several group keys. Anything that gets added will be encrypted to the group keys and to your key. Only the fileshare administrators can fully decrypt the share. However, users can easily access add and modify the files with their keys while the data is encrypted.

     

    "Symantec File Share Encryption powered by PGP Technology allows users and groups to automatically or manually encrypt files and folders on laptops, desktops, and file servers for secure file sharing. Files and folders can be automatically encrypted based on policy or manually using a simple drag-and-drop interface."

    Best Practices for Creating and Managing Symantec FileShare Encrypted Folders - http://www.symantec.com/docs/TECH176017