Personal Keys for file-based encryption by File Encryption

A Personal Key is a special type of encryption key that is created for a specific user and cannot be shared with other users. A Personal Key that is active for a specific user is called an active Personal Key. Active Personal Keys cannot be assigned to other users.

In File Encryption policies, you can define encryption rules that use the placeholder Personal Key instead of a key name. For such rules, the encryption key to be used is the active Personal Key of the user.

When you define an encryption rule for the path C:\encrypt to be encrypted with the Personal Key, different keys are used for different users. You can thereby ensure that information in specific folders is private for users. For further information see Location-based File Encryption.

If a File Encryption rule defines a Personal Key to be used for encryption, Personal Keys are created automatically for the relevant users, if they do not have active Personal Keys yet.

As a security officer with the required rights, you can create Personal Keys for selected users or all users in selected groups in the SafeGuard Management Center. You can also demote active Personal Keys, for example when a user leaves the company.