Set Security Options

Set Security Options

You can turn on all the main options related to security from the General page of Security options. The other pages of Security options mostly contain configuration settings that determine how the options work when turned on.

  • FIPS Mode: Use FIPS mode to comply with U.S. Federal government security practice requirements.

  • Certificate Stores: Add directory stores to the list of repositories Smartcrypt searches for digital certificates when you encrypt with a recipient list. You do not need to make any settings on this page unless you want to configure Smartcrypt to access OpenPGP key stores, certificate stores in LDAP-compliant directories, or want to change such settings.

  • Shred files:  If you want to prevent recovery of temporary files that Smartcrypt deletes, you can have Smartcrypt shred them. Shredding a file overwrites the file's data so that it cannot be read.

  • Temporary file deletion: When you open files directly from an archive, Smartcrypt extracts temporary copies of the files for you to work on. Choose how to deal with these temporary files.

  • Delete original files: Routinely delete the original files either after successfully adding copies to an archive, or when you encrypt a file.

Additional Options Pages

Set additional security options in these pages:

  • Configure whether and how to sign and encrypt zipped files on the ZIP page.

  • Configure whether and how to sign and encrypt files with OpenPGP on the OpenPGP page.

  • Your system administrator may have provided you with one or more Locker folders. Dropping or saving any file into this folder automatically encrypts that file with a Smartkey. The Lockers page displays a list of these locked folders.

Note: Some options described here may be disabled by Smartcrypt Policy. Contact your Smartcrypt Policy Administrator for more information.

To access the General page:

1.  Select Options from the Application Menu.

2.  Select the Security category.

Checking for expired certificates online

When you check the Perform online revocation checks box, Smartcrypt uses the Online Certificate Status Protocol (OCSP) to attempt to discover whether the certificate you are using has been revoked. This protocol will search known certificate revocation lists on the Internet.

Be aware that:

  • As the OCSP is a relatively new protocol, only certificates issued recently will match the search criteria.

  • Online certificates searches can take some time. Your network may time out before you receive results.

Notify about expiring certificates

To see a notice when you use a certificate that is about to expire, check the Notify about expiring certificates box.

This option displays a dialog that says it's time to renew or replace your certificate. There is also a button that lets you select a different certificate to use instead.

The dialog first displays when the certificate is within 15 days of expiring. It displays again at seven days or less from expiration and again at one day or less from expiration. The dialog displays every time you use a certificate that has expired.