Creating policies for removing keys on compromised machines

To protect data when malicious activity is detected on endpoints:

  1. In the Policies navigation area, create a new policy of the type General Settings or select an existing one.
    The General Settings tab is displayed.
  2. Go to the File encryption section.
  3. From the Remove keys on compromised machines drop-down list, select Yes.
    Now keys will be removed on the endpoints if malicious activity is detected. A message will be logged.
    Note: Malicious behavior will always be logged to the SafeGuardĀ Enterprise database, regardless of the settings for the Remove keys on compromised machines option.
  4. When you leave the General Settings tab, the system prompts you to save your changes.
  5. Click Yes.
  6. Go to Users and Computers and assign the new policy to your user groups.