Synchronized Encryption

 WinClient     macClient

This section applies to both Windows and macOS. Where the information is relevant to only one of them, this will be mentioned explicitly.

Modules

  • Application-based file encryption

    SafeGuard Enterprise Synchronized Encryption can encrypt any file created with an application specified in a policy, regardless of its file location. For these applications encryption is automatic. They are also called In-Apps.

    For example, if you specify Microsoft Word as an application for which file encryption is turned on, every file you create or save with Microsoft Word is automatically encrypted. Anyone whose key ring includes the key used to encrypt the file can access it.

    By default SafeGuard Enterprise encrypts files with the Synchronized Encryption key, see Synchronized Encryption key.

Additionally you can:

  • Define locations where a key other than the Synchronized Encryption key is used for encryption, for example the Personal key.
  • Exclude folders from encryption.
  • Use only Defined locations where the defined applications encrypt their data.

  • Outlook Add-in for Windows

    To make life easier for an end user, Synchronized Encryption provides an Outlook Add-in that can automatically detect an email being sent outside the organization with a file attachment. It will then ask which option (Password protected, Unprotected) the user wishes to choose. If required, the user can set a password in the dialog displayed. Alternatively, you can use a policy to define a default action that is performed automatically without any user intervention.

  • Integration with Sophos Central Endpoint Protection - remove keys on compromised machines

    In combination with Sophos Central Endpoint Protection, keys can be removed automatically if malicious activity is detected on endpoints.

    This feature is only available if you use web-based Sophos Central Endpoint Protection together with SafeGuard Enterprise.

  • Share key ring between SafeGuard Enterprise and Sophos Mobile

    Encryption keys from the SafeGuard Enterprise key ring can be made available in the Sophos Secure Workspace (SSW) app managed by Sophos Mobile. Users of the app can then use the keys to decrypt and view documents, or to encrypt documents. These files can then be securely shared between all SafeGuard Enterprise and SSW users.