Solution
I. Create encryption keys
We recommend that you create a common denominator Encryption Key, for example, an "All Staff" encryption key so that you can share sensitive information freely throughout your organization. Once the common denominator Encryption Key is created, you can create more specific Encryption Keys (for example, a "Management" or "Accounts" key).
To create an Encryption Key:
- Log in to ESET Endpoint Encryption (EEE) Server and click Organisation.
- Click the Encryption Keys tab and then click Create.
Figure 1-1
- In the Encryption Keys window, name the key appropriately, select the applicable algorithm (AES, Blowfish or 3DES) and then click Add.
II. Create Encryption Key groups
Once you have created all of your Encryption Keys, you will then need to create your Encryption Key Groups.
- Click the Encryption Key Groups tab and then click Create.
- In the Encryption Key Groups window, name the team appropriately. We recommend naming your Encryption Key groups to mirror your team names to ensure transparency with which users have access to which Encryption Keys.
- Once you have created all of your Encryption Key groups, you will need to assign Encryption keys to the Encryption Key groups. Double-click an Encryption Key group and click Details.
Figure 2-1
- In the Encryption Key group details window, click Add.
Figure 2-2
- Select the appropriate Encryption key from the currently unassigned Encryption Keys. Click OK. The keys are added to your new Encryption Key Group.
III. Assign keys and key groups to users
Once Encryption Keys and Encryption Key groups have been created, they will need to be assigned to users. This process can be done in one of two ways:
- Assign a common key to all users
- Assign a specific set of keys to specific teams or users. You will need to first add users or import users from Active Directory.
To assign a common key to all users:
- Click Users.
- Click the Encryption Key Groups tab and click Join Group.
Figure 3-1
- In the Join Group window, all of the Encryption Key groups will be displayed. Click the applicable Encryption Key group and click Join.
If you add multiple Encryption Key groups to Users, all Encryption keys will cascade down to all subsequent teams you create, or that are imported from Active Directory. All users will have access to those encryption keys.
If you have already created or imported your users, perform a Key-File update to post the new key to the cloud. The key will be picked up by the end-user once a proxy sync is performed on the client machine.