Overview

TDE keys perform encryption. Without a TDE key, a Smartpoint can not be created. You may add TDE keys to be used for encryption at any point in the Smartcrypt TDE Manager.

Adding a TDE Key

Key Rotation

Key Rotation is an aspect of the Smartcrypt TDE Manager that allows you to decide when a TDE key should no longer be used. Within the drop down menu, a number of time frames appear ranging from 1 month to 10 years. Once the TDE key reaches this age, a new TDE key is created and used. The previously used TDE key(s) will continue to be distributed along with the new TDE key until the old TDE key(s) is retired or destroyed.

Key Retirement

The age selected in the Key Retirement drop down menu dictates when a TDE key is no longer used for encryption or decryption. However, this TDE key can be pulled out of retirement by changing the age back to None or increasing the age for retirement.

Key Destruction

At the age selected in the drop down menu, the TDE key is destroyed. This TDE key will never be able to be used again for decryption or encryption, so any file encrypted with this TDE key can not be unlocked in the future.

** IMPORTANT: Key Destruction is permanent.

Team

By selecting a team within the drop down menu, you give the members of the team access to the TDE key. This means the team can decrypt any file encrypted with this specific TDE key as well as encrypt any file using the TDE key.

Editing a TDE Key

You may edit a TDE key at any point in the Smartcrypt TDE Manager. You may adjust the age of key rotation, key retirement, and key destruction. The team which has permission to decrypt files with the TDE key and encrypt files with the same key may be changed as well.

Deleting a TDE Key

You may delete a TDE key at any point in the Smartcrypt TDE Manager.

** IMPORTANT: Deleting a key has the same effects as key destruction. It is permanent. Any file encrypted with this TDE key can not be decrypted in the future.