|SafeGuard Management Center - advanced / Rules for assigning and analyzing policies|
Two policies (P1 and P2) are created. File-based encryption for drive E:\ was defined for P1, and volume-based encryption for drive E:\ was defined for P2. P1 is assigned the OU FBE-User and P2 the OU VBE-User.
Case 1: A user from OU FBE-User logs on first to the Client W7-100 (container computer). Drive E:\ is encrypted with file-based encryption. If a user from the OU VBE-User then logs on to Client W7-100, drive E:\ will be encrypted with volume-based encryption. If both users have the same key, both can access the drives or files.
Case 2: A user from OU VBE-User logs on first to the computer W7-100 (container computer). The drive is encrypted with volume-based encryption. If, now, a user from OU FBE-User logs on and has the same key as users from OU VBE-User, drive E:\ will be encrypted with file-based encryption within the volume-based encryption (the volume-based encryption is kept). However, if the user from OU FBE-User does not have the same key, they cannot access drive E:\.