21.1 Terminology Overview

Authorized Software

Authorized software refers to software used for editing important documents, such as Microsoft Word, AutoCAD, Photoshop, Visual Studio, etc.

In an encryption system, documents created using authorized software are automatically encrypted, and when opened using authorized software, the encrypted documents are automatically decrypted. Unauthorized software cannot view encrypted files, and computers with encryption functionality disabled cannot view encrypted files.

Security Area and Level

Security area and level are used to distinguish the access permissions for encrypted documents across different clients within the organization. By default, there is a public security area, and custom areas such as Marketing and Finance departments can be added. There are five security levels: Ordinary, Internal, Confidential, Secret, and Top Secret. The security level increases from Ordinary to Top Secret.

In the console's encryption authorization settings, you can configure which clients can access specific security areas and levels. In the document properties of encrypted files, you can set the security area and level required to access the document.For example, if a client has access to the Ordinary level in the Marketing department, they can access encrypted documents with the Ordinary level in the Marketing department but cannot access documents with the Ordinary level in the Finance department.

Document Permissions

Document permissions are used to distinguish the access rights of different users within the organization for encrypted documents.

The entities in encrypted documents include the creator and the reader. The creator is the user who encrypts the document, while readers are the users who can access the document. A single encrypted document can only have one creator, but multiple readers. The user permissions for an encrypted document include: read, modify, copy, print, screenshot, decrypt, set permissions, and validity date.

In the console's encryption authorization settings, you can configure the document permissions for newly created encrypted documents. In the encrypted document properties, you can specify the users who can access the document and their permissions. For example, if an encrypted document has Lucy as the reader, with permissions to read and modify, but copy, print, screenshot, decrypt, and set permissions are prohibited, then:

  • Lucy can read and modify the document but cannot copy, print, screenshot, decrypt, or set permissions for the document.
  • Sam cannot read the document at all.

Since document permissions are user-specific, the encryption document permission feature must be used in conjunction with User System Management, otherwise, the feature will not be effective.

Online and Offline

When the client can connect to the server, it is considered online; when the client cannot connect to the server, it is considered offline. For example:

  • A laptop connected to the company's local network can access the server, so it is online.
  • The same laptop taken home, unable to connect to the server, is offline.

Generally, when the client leaves the corporate environment, file encryption and decryption are not allowed. However, if access to encrypted files is necessary, offline permissions can be set.

In the console’s Encryption Permission Settings interface, you can configure the permissions for the client when it is online. In the Offline Permission Settings interface, you can configure the permissions for the client when it is offline.

Backup Mode

When the main server encounters issues, such as stopping or crashing, the backup server will be activated and enter Backup Mode. This indicates that the current AnySecura encryption system is operating in backup mode. The client will then connect to the backup server and transition to backup mode, retaining the encryption and decryption permissions as if it were online.

Decryption

Encrypted documents within the enterprise sometimes need to be sent to external personnel. In such cases, the document must be manually decrypted into a standard document for external parties to view.

Employees with decryption permissions can directly decrypt documents. Employees without decryption permissions can apply to the administrator for decryption. Once the administrator approves the request, decryption will be permitted.

Outbound (External Sending)

Sometimes, encrypted documents within the enterprise need to be sent to specific external personnel for viewing, and to prevent secondary leaks, the document can be generated as an outbound document.

Employees with outbound permissions can directly generate outbound documents. Employees without outbound permissions can apply to the administrator for outbound authorization. Once the administrator approves the request, the employee will be allowed to generate the outbound document.

External personnel need to install the Outbound Document Viewer in order to view the outbound documents.

Don't see what you're looking for?

Visit our knowledge base
Know more about AnySecura
Read latest news
Discover what's happening now
Need assistance?
Contact us now