In the Management Center, go to Policies.
Go to the Application Lists entry of the
Policies list view.
Right-click Template and click Duplicate
Template_1 is displayed.
Right-click Template_1, click Properties and
enter a new name.
Click on the new application list.
On the right-hand pane, the content of the template is
If you want to create Application Lists for Macs, change
to the OS X tab.
Go through the list and deactivate applications for which you do not want to
apply encryption. Deactivating the Active option to the
right of an Application Group Name will deactivate all
applications in the group. Deactivating the Active option to the right of a
particular application within the group will deactivate this application
Add further applications to existing groups.
Right-click the group to which you want to add an application, click
New and then
In the Application Name edit field, enter a name
of your choice for the application.
Under Process location, specify the path
including the executable. You can enter the path manually or you can use
the placeholders from the drop-down list.
You can specify all versions of an application under one
Application name. For example Acrobat
Reader 11.0 and Acrobat Reader DC under Application
File Extension: The file extensions you specify
here do not have any implication for Application-based
(Synchronized Encryption) file encryption but for
initial encryption of existing files. Existing files covered by
encryption policies are not encrypted automatically. To encrypt these
files, initial encryption must be performed on endpoints. Files with the
file extensions you specify here will be encrypted with the Synchronized
Encryption key during initial encryption. You can enter file extensions
with or without a leading dot (for example ".txt" or "txt"). Wildcards
are not supported.
The location where initial encryption is to be applied has to be
specified when creating a policy for the
Application-based file encryption.
If you deactivate an application group, the file extensions you
specified for initial encryption within the group will be deactivated as
OS X only: If necessary, add locations to be excluded from encryption to
the Excluded location table to ensure proper
Add further application groups:
You can use application groups to collect for example all parts of a software
suite under one node. This allows you to deactivate all parts by deactivating
only the group.
Right-click the Template tree view, click
New and then Application
In the Application Group Name edit field, enter
a name of your choice for the group.
Add further applications to the group.
When you leave the template view, the system prompts you to save your
The new application list is displayed under Application Lists
in the Policies
list view. You can create further application
lists and use them in different policies for application-based file encryption.
recommend that you add all applications that are able to handle the same file types
(for example .docx) to the application list. You should not add applications that
share data over the internet (for example email clients, browsers).