SecureDoc Enterprise Server FAQ
What is the SecureDoc Enterprise Server?
SecureDoc Enterprise Server is an Administrative tool used to store the key file information of SecureDoc users. This information is securely kept in a centralized database. Larger Enterprises will benefit from the list of features available. Larger enterprises will benefit from the features available, such as remotre installation, password recovery, multiple generation of key files, etc.
What is the difference between SecureDoc Enterprise Server and Key Management?
SecureDoc Enterprise Server provides Network Administrators the comfort and convenience of administering large user bases. Key Management is used to support a lower number of users. If you are Administering SecureDoc Users with SecureDoc Enterprise Server, you shouldnotuse Key Management.
What happens if a user forgets their password?
SecureDoc Enterprise Server provides a Password Recovery tool. The Administrator will create a response password based on the Challenge password of the user's key file. The response password will be used to log into the User's computer. This is a one time response password.
Our Enterprise consists of over 5000 users. Do I have to create 5000 user profiles individually?
No. SecureDoc Enterprise Server allows you to create multiple user profiles at one time.
Do I have to go around to each users computer to encrypt their disk?
No. SecureDoc Enterprise Server offers a tool called remote installation that creates the necessary files needed to install SecureDoc and encrypt the users disks. Before you can create the remote installation files, you must create the user key file information. You will need a distribution software product such as Microsoft SMS, Tivoli or Novell Zenworks to push the files onto the users computer. Once completed, it is as simple as double clicking an .exe file.
What are key files?
Only authorized personnel can access information protected with SecureDoc. The process of validating a user's authorization is called authentication. SecureDoc needs two pieces of information to authenticate you and to get the right Keys to access disk data: your key file password and the Key used to encrypt your disk. A key file contains the Keys assigned to the user, the user's privileges and more information. This file is encrypted by a Key, which can be derived from a password or hardware token. The key file can be stored on a floppy or hard disk.
What is the relationship between Boot Control and Boot Logon?
Boot Control is located in the SecureDoc Control Center and is used by the Administrator to configure Boot Logon. Boot Logon is the login screen that displays when your computer is started. From Boot Control, you can install and uninstall Boot Logon, change Boot Logon text/color, and configure which users can log into this computer. Remember, if your disk is encrypted, the key file logging in through Boot Logon will need to have the Key used to encrypt the disk.
Can I use Certificates already on my token to protect my keyfile?
Yes. SecureDoc should be able to work with existing Certificates already being used throughout your enterprise provided the tokens are supported.
What is the best way to administer SecureDoc key files?
You can configure SecureDoc so that it reflects the way your company operates. Most often you will only have one SecureDoc Enterprise Server that contains all your SecureDoc users. You may need to use a different approach if your company has separate groups (e.g., Sales, Accounting) that are administered separately. Each administrator may wish to their own group data private; in this case a centralized database will have to be created for each group so that only an authorized administrator can access the key file data for their group.