Highlighted
Knowledge Partner
Knowledge Partner
223 views

MS Data Encryption Policy - controlling access

Jump to solution

ZCM 2020.  This may be more of a Microsoft question, but I've spent some time searching and have yet to find an answer.  I just created a test policy for MDEP.  The policy just encrypts a single folder and is assigned to my PC.  As soon as the policy applied, the folder and its files changed color signifying they were encrypted.  I logged into the PC as another user assuming the files would be encrypted and the second user would not have access.  But I was able to open and read the files.  Am I missing something within the ZCM Security Policy or is there something additional required on the Windows side to make this work properly?

--
Ken
Knowledge Partner

Create and vote for enhancements in the Idea Exchange forums!
Don't forget to Like helpful posts and mark Solutions!
0 Likes
1 Solution

Accepted Solutions
Highlighted
Knowledge Partner
Knowledge Partner

And after a little more digging, I found the following in the ZCM help screen:

-------------------------------------

Folders that you add to the Default Encrypted Folder list can be private to the end user or public, depending on the folder path. Any folders you add in the user’s directory are private folders, and any folders you add outside the user’s directory or public folders. For example:

  • Private folder: C:\%USERPROFILE%\Documents

  • Public folder: C:\EncryptedDocuments

IMPORTANT:All folders created by a user on a device with the policy applied are private folders. Public or multi-user folders as described above are NOT currently supported.

-------------------------------------

The above was copied directly from help...I think this line "and any folders you add outside the user’s directory or public folders." should read "and any folders you add outside the user’s directory ARE public folders."

The IMPORTANT section first states that all folders created by the user are private.  This is wrong.  My testing shows that folders created within the user's profile are private.  And the reason my first test was failing was because I created what is defined above as a public folder.  This text should be corrected also.

But at least I know how it works now.

--
Ken
Knowledge Partner

Create and vote for enhancements in the Idea Exchange forums!
Don't forget to Like helpful posts and mark Solutions!

View solution in original post

0 Likes
3 Replies
Highlighted
Knowledge Partner
Knowledge Partner

And after a little more digging, I found the following in the ZCM help screen:

-------------------------------------

Folders that you add to the Default Encrypted Folder list can be private to the end user or public, depending on the folder path. Any folders you add in the user’s directory are private folders, and any folders you add outside the user’s directory or public folders. For example:

  • Private folder: C:\%USERPROFILE%\Documents

  • Public folder: C:\EncryptedDocuments

IMPORTANT:All folders created by a user on a device with the policy applied are private folders. Public or multi-user folders as described above are NOT currently supported.

-------------------------------------

The above was copied directly from help...I think this line "and any folders you add outside the user’s directory or public folders." should read "and any folders you add outside the user’s directory ARE public folders."

The IMPORTANT section first states that all folders created by the user are private.  This is wrong.  My testing shows that folders created within the user's profile are private.  And the reason my first test was failing was because I created what is defined above as a public folder.  This text should be corrected also.

But at least I know how it works now.

--
Ken
Knowledge Partner

Create and vote for enhancements in the Idea Exchange forums!
Don't forget to Like helpful posts and mark Solutions!

View solution in original post

0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

What version of ZCM?   Just asking because stuff in these area could see changes from version to version as they add in functionality.

--
Please give a hearty thumbs up to any post you find helpful!
To find articles by Craig Wilson simply follow the link: Craig Wilson's Tips!
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Just ZCM 2020.  I'm not aware of any updates to it yet.

--
Ken
Knowledge Partner

Create and vote for enhancements in the Idea Exchange forums!
Don't forget to Like helpful posts and mark Solutions!
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.