|Synchronized Encryption / Encrypt data|
Where policies are assigned along a hierarchy chain, the policy closest to a target object (user/computer) is the highest ranking. This means that as the distance to the target object increases a policy will be superseded by any policies that are closer. Policies of type No Encryption can be used to interrupt the inheritance of encryption policies at certain locations in the hierarchy chain. For subordinate levels the No Encryption policy will be valid as well.
Depending on module and version, the behavior of the endpoints varies.
Policies of type Application-based (Synchronized Encryption) are NOT merged. The policy closest to the target object (user/computer) in a hierarchy chain is always applied. If it is the closest, a No encryption policy will become effective.
Policies of type Location-based are merged. If several policies are assigned, their content is evaluated according to certain rules, see Rules for assigning and analyzing policies. For the Resulting Set of Policies (RSOP) see, Location-based File Encryption policies in the RSOP. Within an assignment, the policy with the highest priority (1) ranks above a policy with a lesser priority. If it has the highest priority, a No encryption policy will become effective.