Managing GuardPoints

A GuardPoint specifies the list of folders that contain paths to be protected. Access to files and encryption of files under the GuardPoint is controlled by security policies.

Before you apply GuardPoints:

• A CTE Agent must be installed on the client system and registered with CipherTrust Data Security Platform Service. Refer to the CTE Agent Quick Start Guide specific to your platform for details.

• A client must be added to the CipherTrust Data Security Platform Service. The client is automatically added to the CipherTrust Data Security Platform Service on successful registration with the CipherTrust Data Security Platform Service.

• Policies must be created using the encryption keys on the CipherTrust Data Security Platform Service. This involves creation of policy elements and encryption keys. Refer to Managing Policies for details.

• A GuardPoint must be created. No one must be using the directory to be guarded before making it a GuardPoint.

• Ensure that the total number of guardpoints is 100 or fewer per client, as we recommend. If you need to deploy more guardpoints, contact Thales.

If users are working on the directory when it is made a GuardPoint, they can continue to use data in memory rather than use the actual data in the GuardPoint. Inform users to:

• Save their work

• Close applications that are running on the directory

• Exit the directory before applying the GuardPoint

When the users re-enter the directory, they will use protected data and the CTE Agent will work appropriately.

Related Topics

• Secure Start GuardPoints

• Considerations Before Creating GuardPoints

• Creating GuardPoints

• Enabling Secure Start for GuardPoints

• Protecting Teradata Appliances

• Automatic and Manual GuardPoints

• Viewing GuardPoints

• Viewing GuardPoint Status

• Changing SMB Connection

• Removing GuardPoints

• Disabling GuardPoints

• Enabling GuardPoints

• Enabling and Disabling MFA on GuardPoints