Use cases and Restrictions of using Information Centric Encryption (ICE)

book

Article ID: 170939

calendar_today

Updated On:

Products

Information Centric Encryption CASB Security Standard CASB Security Premium CASB Security Advanced CASB Audit CASB Gateway CASB Gateway Advanced Data Loss Prevention Cloud Package

Issue/Introduction

What are the restrictions and the typical use cases of using Symantec Information Centric Encryption (ICE) with CloudSOC?

What are the restrictions on using Information Centric Encryption?

Resolution

Functionality with ICE

  • Secure sensitive data stored in cloud services by encrypting content during an upload action (via Gatelet) or by scanning and encrypting content at rest (via Securlets).
  • Secure content on endpoints by encrypting sensitive content during download actions (via Gatelet), while preserving online SaaS application collaboration capabilities.

 

Caveats when using CloudSOC with ICE

  • You can configure multiple Key Servers, but only one can be active at any one time.
  • We recommend that you disable the Box Sync desktop application at the Box admin console.
  • ICE does not support selecting multiple files for download at one time; you can only download files individually.
  • When a file is encrypted by a Securlet-based policy, any modifications you make to the encrypted file, (for example by downloading, decrypting, editing, and saving it) result in a new version of the file. However, if you upload the original unencrypted file again, once the file is encrypted it replaces the original file, eliminating the file's version history.