Overview
- In this article, we will emulate user activity, then we will use SafeGuard Management Center to check and see the actions.
Scenario
- We will create Microsoft Word Document on Client 1 , Client 2, Client 3.
- Perform Microsoft Word Document manual encryption and then perform Microsoft Word Document manual decryption on Client 1, Client 2, Client 3.
- Use SafeGuard Management Center to check the encprytion actions that have just happened on Client 1, Client 2, Client 3.
- Check to see what file the name is encrypted/decrypted, the path of the file, who made it…..
What to do
- You must install Sophos SafeGuard Server on Server and install Sophos SafeGuard Client on Client 1, Client 2, Client 3.
- To install, you can see instruction here :
- Install Sophos SafeGuard Server
- Install Sophos SafeGuard Client
Configuring
On Client 1-2-3
- Right-click on Desktop > New > Microsoft Word Document.
- Right-click on Microsoft Word Document > SafeGuard File Encryption > Encrypt selected file > choose Encrypt.
- Now, the file has been encrypted.
- Right-click on Microsoft Word Document > SafeGuard File Encryption > Decrypt selected file > choose Decrypt.
- Now, the file has been decrypted.
On SafeGuard Server
- Open SafeGuard Management Center, login admin with your username and password.
- Click Report > File Tracking Management.
- Click the magnifying glass icon in the “File Tracking Management” pane.
- Drag the Event ID column header Into the gray area where it says ‘Drag a column header here to group by that column’.
- This group the list by Event ID.
- As seen, action of encrypt and decrypt file has been recorded, we can know whether the file is encrypted or decrypted, who made it, the path of the file, name the computer, name the user, which time it occurred …
Leave a Reply