Policies tab

This tab is only displayed when SafeGuard File Encryption is installed.

In the Policies tab, click on one of the icons in the lower right corner to switch between the Locally Translated Path view and the Received Policies view.

  • The Locally Translated Path view displays only those policies which currently apply to the logged-on user on a specific Mac. The columns in the table contain the following information:
    • @: During initial encryption or when encrypting larger files, you can see a rotating wheel in the first column.
    • Locally Translated Path: Displays the location on your Mac.
    • Mode: Indicates whether a location is defined to be encrypted or excluded from encryption.
    • Scope: Indicates whether subfolders in a location are to be encrypted.
    • Key Name: Displays the name of the key assigned to the specified location.

      Your personal key is displayed in blue.

      A key that is displayed in orange means it has been configured in a policy that was assigned to you. But, you do not own the key, as it was not assigned to your keyring. This can cause trouble when accessing data. In this case contact your security officer.

  • The Received Policies view displays all policies which are received from the server. The table lists the following information:
    • Received Policies: Specifies which files or folders to encrypt.
    • All other columns contain the information described above for the Locally Translated Path view.

Enforce policies in the Locally Translated Path view

  • When no policy is selected, you can click the Enforce all Policies button to start initial encryption. For more information, see Encrypt files according to policy.
  • When you select a policy, you can click the Enforce Policy button to apply the selected policy only.
  • When you select a policy, you can click the Show in Finder button to open the selected Secured Folder in the Finder.

Possible results from enforcing policies

  • Plain files are encrypted with the key assigned by a policy.
  • Files already encrypted with the key specified in the policy remain encrypted.
  • Files already encrypted with a different key are either
    • unchanged if the user does not have the required key in their keyring or
    • re-encrypted with the key assigned by a policy if the user has this encryption key in their keyring.
  • Files in folders that are excluded from the encryption policy are decrypted.
  • Files that are not accessible because of missing permissions (read-only) are left unchanged.