|
|
 |
 |
|
 SecureDoc Configuration - Client Installation Pack
| SecureDoc - User's View
|
SecureDoc Operation & Administration |
| |
|
|
|
SecureDoc Enterprise Server is allowing a lot of configuration options and can be customized nearly for any possible enviroment and requirement. It starts at small and simple companies without any security threats and also covers huge organisations with complex structures and very sensitive information. Each of these possible configurations has its own demands on administration and needs different tasks to be done. For example, settings of client computers inside one location are diffferent to handle as distributed single computers, which might not even have a connection to the corporate network. We now want to look at a few, simple and frequently needed, administration tasks in a simple structure.
Find here some examples of simple administration tasks which will occur again and again.
|
Converting from password protection to smartcard o |
Protection of all information and data on encrypted media and on encrypted computer hard disks depend on the protection of the keyfiles. Anyone, who has access to the keyfile, also has access to all information, encrypted for this user (key).
Although the keyfile is equipped with a counter, which locks the keyfile when a configurable threshold of attempts is reached, which makes a ‘guessing’ attack unsuccessfully, a password is still a weak protection. Everyone who knows the password has access and there are many ways a password can fall into wrong hands. It may happen, that a user is choosing a weak and easy
guessable password (1234, company name, his name – weak password policy) or he maybe is writing it down on the backside of his notebook (strong password policy), or he is just telling it to somebody and the password becomes “common property”.
If there is a need for more protection, the user must be forced to authenticate with more than one factor -> using smartcard or smart token. Now he has to remember a pin AND he has to have an item. The user still could write down the Pin or tell it to the public, but just knowing the pin would not lead an attacker to success. He also needs the token, which is in the users wallet (hopefully).
In a high security enviroment, you can “attach” the token to the user by using a biometric attribute instead of a pin (fingerprint). The user can not give his token or smartcard plus pin to collegues anymore to allow them to log on with his identity.
In our sample installation we want to implement higher security now by forcing the user to log on with a smartcard and a pin.
Therefore we configure an existing user to log on with smartcard only. We open the management console again and authenticate to the master key file. Then we select a user object (right click) and choose „modify user“.
.....
|
|
|
|
- Download Step-by-Step Guide: SecureDoc Administration
|
|
|
|
|
|
|
|
|
|
 |
|
|
|
|
|
|
|
|
|
|
Legal notice