Configuring generic account settings

In Policies > Accounts > Settings, configure the generic user account settings:

Account type

Select an SDS Enterprise account for the following user categories: Smart card, Password, Password and smart card, or Single Sign-on (SSO). For more information on how to use SSO mode, refer to the section Creating a Single Sign-On (SSO) account.

Encryption and signature
Encryption algorithm Algorithm used to encrypt the data. SDS Enterprise offers only the AES algorithm.
Signature algorithm Algorithm used to sign data. Choose SHA-256 or SHA-512.
Card or USB token accounts
Middleware

Select the middleware to use on user workstations from the list of middleware supported by SDS Enterprise. Only one middleware solution can be selected for each policy. Even if you intend to use the Stormshield Data Security middleware provided by default, it must be selected from the list.

In the security policy's .json configuration file, you can manually specify several middleware options to use (cardMiddlewares parameter). For more information, refer to the SDS Enterprise Advanced configuration guide.

The middleware must be installed beforehand on user workstations.

For more information, see section Installing and using the card extension (smart cards and USB tokens).

Password account
On automatic Windows session lock

These settings make it possible to define the behavior of the SDS Enterprise agent when the Windows session is locked.

  • No actions

  • Lock SDS session: Locking your session prevents access to your keys. This means that the user can no longer access encrypted data, but can continue to use files that are already open. You can choose to unlock SDS when the Windows session resumes.

  • Log out of SDS session: Logging out amounts to closing the SDS Enterprise account. As a result, SDS Enterprise features cannot be used.