Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureData Guardian

121

122

123

124

125

126

127

128

129

130

Dell Security Center v10.2.7 AdminHelp

119

Inform internal users who will be in their access group and allow them to process shared files to ensure

a smooth transition. Inform them that this effort will minimize their having to request access to shared

files later.

• After Access Groups is enabled, a sweep occurs for Windows and Mac files. See

Disable_Auto_access_for_swept_files

. If files are shared by multiple users, the first computer to

be swept gives ownership of any shared files to the owner of that computer, not the original

author.

• All internal users within the same access group will have access to the file.

• If the original author of the file is not in the access group with the user whose computer

was first swept, the author must request access or request that the administrator

change ownership of the file

• External users' unprotected shared files are not swept.

• If Auto access will be temporarily enabled, instruct users that any internal user outside their

access group who has a copy of the file has permanent access to the key. In some cases, the

key cannot be revoked later. See Disable_Auto_access_for_swept_files

Note: After Auto access is disabled, for those outside an access group, the internal user can

grant access or users outside the access group can request access if they receive an encrypted

file. You can revoke the key access in the Management Console if needed.

Return to top

Enterprise has Data Guardian Installed

If you have Data Guardian installed, develop a plan for implementing access groups and creating a

smooth transition for users who have shared files.

Determine a transitional time range for deployment

Initially, enable Access Groups and Auto access for swept files for a transitional period. This should be a

brief time but owners of a protected, shared file should plan for any impact to that file.

Instruct users to process shared files

Inform internal users who will be in their access group and allow them to process shared files to ensure

a smooth transition.

• During the Auto-access transitional period, all internal users within the same access group have

access to the shared, protected files.

• If Auto access will be temporarily enabled, instruct users that any internal user outside their

access group who has a copy of the file and opens it has permanent access to the key. In some

cases, the key cannot be revoked later. See Disable_Auto_access_for_swept_files

• If a user does not open a file and auto access is disabled, they lose access.

• If an internal user already granted access to an external user, the external user will not lose

access.

• When a file is created after Access Groups is enabled, all users within that access group have

access to the file.

• If a user is removed from the access group, the user no longer has access to the files.

• If the owner of the file is removed from the access group, others who shared access

still have access.

For detailed information on the impact, see Disable_Auto_access_for_swept_files