Entrust Entelligence Group Share is a "shared data encryption" or "network data encryption" product: it encrypts the data of defined user groups that is stored and organised for collaboration on network storage. The encryption is persistent: files remain encrypted when they are moved or copied to other media. Group Share uses AES 256 for encryption; the group keys are RSA.
Using Group Share is simple
- Users don't have to change their normal workflows or learn special security routines; they simply don't have to think about security.
- Group Share is not restricted to information on network shares. The encryption is persistent when files are moved to other storage media.
- Administrators manage users, groups and permissions through a convenient administration interface; they do not have, and do not need, access to the data itself.
- Offline access to data without a connection to the Group Share Server is possible and can be controlled via policies. The cached decryption keys can expire, so that a connection to the Group Share Server is necessary from time to time. In this way, permission updates are forced onto computers that are offline from time to time.
- There is no need for an extra backup encryption system; the current permissions are applied to restored data.
- Rich web-based administration interface and seamless integration into existing infrastructure (AD, PKI, SQL DB).
Have a look at the Group Share Flash Demo on the Entrust pages.
Group Share Server
Users are authenticated by the Group Share Server. Authentication can be done via integrated Windows authentication or certificates.
After authenticating a user, the Group Share Server checks the user's permission for the requested information. If the user has the permission, the server authorises the access by sending the encryption key to the client. The necessary data, such as Group Share groups (independent of AD groups), keys and audit data, are stored in an SQL database.
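
The following Python sketch is an added example, not Entrust code: it models the key release described here together with the expiring offline key cache from the list above, and shows that a revoked permission reaches an offline client only once its cached key has expired. The class names, the `cache_ttl` value, the sample group and the rule that an online client always asks the server are assumptions; authentication is taken as already done.

```python
import secrets

class KeyServer:
    """Stand-in for the Group Share Server: groups, group keys, audit log.
    The permission check is server-side and every decision is audited."""
    def __init__(self):
        self.members, self.keys, self.audit = {}, {}, []
    def add_group(self, group, users):
        self.members[group] = set(users)
        self.keys[group] = secrets.token_bytes(32)  # 256-bit key, constructed
    def release_key(self, user, group):
        allowed = user in self.members.get(group, set())
        self.audit.append((user, group, "granted" if allowed else "refused"))
        if not allowed:
            raise PermissionError(f"{user} has no permission for {group}")
        return self.keys[group]

class Client:
    """Client whose cached keys expire after cache_ttl seconds (policy value)."""
    def __init__(self, user, server, cache_ttl):
        self.user, self.server, self.cache_ttl = user, server, cache_ttl
        self.cache = {}  # group -> (key, expiry time)
    def get_key(self, group, now, online):
        if online:  # connected: the server decides and the cache is refreshed
            self.cache.pop(group, None)  # a refusal leaves no cached key behind
            key = self.server.release_key(self.user, group)
            self.cache[group] = (key, now + self.cache_ttl)
            return key, "server"
        key, expiry = self.cache.get(group, (None, 0))
        if key is None or now >= expiry:
            self.cache.pop(group, None)  # expired keys are discarded
            raise PermissionError("no valid cached key; server connection required")
        return key, "cache"

def attempt(client, group, now, online):
    """Return where the key came from, or 'refused' if access was denied."""
    try:
        return client.get_key(group, now, online)[1]
    except PermissionError:
        return "refused"

def demo():
    server = KeyServer()
    server.add_group("finance", {"alice"})       # constructed sample data
    laptop = Client("alice", server, cache_ttl=3600)
    out = [attempt(laptop, "finance", 0, True)]  # online: key from server
    server.members["finance"].discard("alice")   # administrator revokes access
    for t, online in [(1800, False), (4000, False), (4000, True)]:
        out.append(attempt(laptop, "finance", t, online))
    return out, server.audit
```

In this model the revocation at the server does not affect the offline read at t=1800, so the cache lifetime set by policy is the upper bound on how long a revoked user can still decrypt offline.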
Scenarios for Access
NOK | OK | OK | OK | refused
OK | NOK | OK | OK | refused
OK | OK | NOK | OK | refused
OK | OK | OK | NOK | refused
OK | OK | OK | OK | granted
Use Case - Encryption of a file
1. The user moves a file into an Entrust protected folder.
2. The user authenticates to the Group Share server (if this has not happened yet).
3. Group Share verifies the user's permissions.
4. Group Share sends the encryption key to the user.
5. The file is encrypted on the client transparently.
6. The encrypted file is moved into the protected folder.
Figure: Encryption of a file (source: Entrust Inc.)
Use Case - Accessing a protected file
1. The user wants to open a protected file.
2. The user authenticates to the Group Share server (if this has not happened yet).
3. Group Share verifies the user's permissions.
4. Group Share sends the decryption key (protected) to the user.
5. The encrypted file is moved to the client.
6. The file is decrypted transparently and the application starts.
Figure: Access to an encrypted file (source: Entrust Inc.)