Declaring the security administrator

Only in built-in key management mode, after you have declared the SDS for C&M global administrator, you must declare the security administrator. The roles of this user are the following:

  • Helpdesk: He can assign a new password to a user who has forgotten the password associated with his SDS for C&M account,
  • Recovery: He can grant access to all the protected files of one user to another user, for example if the former user has left the company.
  • Delegation of these roles: He can assign the Helpdesk and/or Recovery roles to other users. For more information, please refer to the section Assigning Helpdesk and Recovery roles.

When an account is created, the associated private key and public key are generated on the local workstation. Double encryption is then applied to confidential keys. Stormshield therefore cannot decrypt information that your coworkers have protected, or change their passwords. Only security administrators and the accounts they are allowed to manage can perform such operations. For more information, refer to the sections Main principles for internal users and Helpdesk and recovery in Architecture and security.