Skip to main content

Managing encryption rules for SharePoint Online

Kalle Windefalk
Updated
SmartEncrypt's SharePoint Online "virtual client" enables you to create encryption rules for files stored in SharePoint from directly within the SharePoint Online interface.  This means that there is no need to sync files locally to set encryption rules and force encryption on existing files located in SharePoint (or MS Teams), it can be actioned directly in the cloud (Sharepoint).  Files can then be added via the SharePoint online interface, or to equivalent synced locations in OneDrive and they will be automatically encrypted in accordance with the encryption rule.
 
Important...
Before you begin, ensure you have installed the SmartEncrypt for SharePoint Online app into your SharePoint tenant.
 

Creating an encryption rule in SharePoint

  1. In SharePoint Online, navigate to the location where you wish to create the encryption rule.
  2. Select the folder on which you wish to apply the rule and click the Encrypt button on the SharePoint command bar (the button may appear in a slightly different location to that shown, depending on your view).
    image__54_.png
  3. In the Add a new rule screen:
    1. Select the encryption key you wish to use (you can only choose from keys that have been assigned to you).
    2. Make any changes to groups to whom the rule should be applied if not the default (optional).
    3. Click SAVE.
      image__55_.png
  4. Click OK at the prompt if you wish to create the rule, or Cancel to go back to the Add a new rule page and make any adjustments.
    image__56_.png
  5. Once you click OK, you will be returned to SharePoint and the files will begin encrypting, starting with the parent folder.
  6. The rule you created will also appear in the Management Console.
    image__57_.png
 


Deleting SharePoint encryption rules

Deleting a rule via the SharePoint Online interface

Note:
Deleting an encryption rule via the SharePoint interface will also decrypt any encrypted files on the fly.  If you wish to remove the encryption rule but leave encrypted files as they are, delete the rule via the Management Console instead.
 
To delete an encryption rule via the SharePoint interface:
  1. Navigate to the location from where you wish to delete the encryption rule.
  2. Select the folder which has the rule applied and click the Decrypt button on the SharePoint. command bar (the button may appear in a slightly different location to that shown, depending on your view).
    image__58_.png
  3. Click the DECRYPT button 
    image__59_.png
  4. Type DELETE into the field at the prompt to begin decrypting the files and remove the rule from the Management Console
    image__60_.png
 
 

Deleting a rule via the Management Console

Note...
Removing a SharePoint encryption rule from the Mangement Console will remove the rule from the folder in SharePoint but will not decrypt any files. Files remain encrypted until they are decrypted manually.
 
To remove a SharePoint rule via the Management Console:
  1. Navigate to the Manage Rules page in the Management Console
  2. Locate the rule you wish to delete and click the delete button next to the rule
    image__61_.png
  3. At the prompt, type the word DELETE and click OK
    image__62_.png
  4. The rule will be removed from the console and from the folder in SharePoint but any encrypted files will remain so. Files can be added to the location without being automatically encrypted. 


Good to know...
  1. Only SmartEncrypt Administrators may create or delete SharePoint encryption rules. Other user types do not have permission to encrypt or decrypt files in SharePoint locations due to them being a shared location.
  2. The user creating or deleting rules in SharePoint must also have an active SmartEncrypt user account with matching email address.
  3. SharePoint encryption rules can only be created from the SharePoint interface, they cannot be created from within the Management Console.
 

Creating an encryption rule in MS Teams

While it is not possible to create encryption rules from directly within the Microsoft Teams interface, they can be created by navigating to the associated Teams site location within SharePoint Online and creating a rule following the steps as per creating rules for SharePoint locations.
 
Once created, users will see an additional column in the Files tab of the relevant Teams indicating whether or not a file is encrypted and with which key (It is recommended that users re-launch teams to see these updates).

2022-04-06_9-03-20.png
 

Related articles

Comments

0 comments

Please sign in to leave a comment.