About Smartcrypt Policy

A policy enables an administrator to control how Smartcrypt is used—particularly with respect to encrypting and digitally signing files. By applying a policy, an administrator can lock selected Smartcrypt options to desired settings.

When an option is locked, the check box or other control ordinarily used to set the option is disabled and grayed. Controls are also grayed if they are incompatible with some locked setting.

For example, to ensure that email attachments are always encrypted, an administrator can apply a policy that locks the settings of two Smartcrypt options relating to Mail:Zip attachments and Encrypt attachments. Smartcrypt will then always zip and encrypt Outlook email attachments until those options are unlocked and turned off.

How Locks Are Set

Locks on options are set by defining a policy in Smartcrypt Manager. Policy locks are not set from Smartcrypt.

Options That Can Be Locked

The table below lists the options that can be locked by a policy. Options in the table are organized in these main groupings:

  • Desktop Application: Options that only affect operations that do not concern email.

  • Shared Settings: Options that affect both operations that do concern email and operations that do not. For example, the setting for Compression method is shared and affects both.

  • Other: Options affecting general application behavior and integration with MS Office applications other than Outlook.

Option

Where Located

Desktop Application

 

Encrypt files

Security options, ZIP and OpenPGP pages

Sign files

Security options, ZIP and OpenPGP page

Shared Settings

 

Encryption

 

Method2

Security options, ZIP page

 

Algorithm2

Security options, ZIP and OpenPGP pages

 

Passphrase encryption

Security options, ZIP and OpenPGP pages

 

Strict checking

Security options, ZIP page, View Certificates

 

Check revocation

Security options, ZIP page, View Certificates

Signing

Sign

Security options, ZIP and OpenPGP pages

Algorithm

Security options, ZIP and OpenPGP pages

Strict checking

Security options, ZIP page, View Certificates

Check revocation

Security options, ZIP page, View Certificates

Check revocation when verifying signatures

Security options, ZIP page, View Certificates

Other

Use FIPS 140 Mode

Security options, General page

Certificate stores

Security options, Certificate Stores page

Office Integration

Office Integration page

   

2 When an existing archive that contains encrypted file names is updated, the encryption method and algorithm originally used to encrypt the file names take precedence over any different settings for method and algorithm that are locked. An archive with encrypted file names retains its original encryption when it is updated.