Stormshield Data Team

Stormshield Data Team can be configured in the teamPolicy section of the .json file. The table below describes its parameters. In the SDMC administration console, the equivalent parameters are found in Policies > Features > Team.

For more information on configuring this feature, refer to the section Configuring Stormshield Data Team in the Administration guide.

Parameter Description Prescribed values SDMC

accessToEncryptedFile

Indicates the accessibility of an encrypted file. Allowed values are:

  • "always" to access it regardless of the certificate status,

  • "notIfRevokedOrCrlExpired" to deny access if the encryption key is revoked or the CRL is not available,

  • "notIfCertificateHasAnIssue" to deny access if the certificate has a warning or error.

always,

 

 

 

 

notIfRevoked
OrCrlExpired,

 

 

 

 

 

 

 

 

notIfCertificate
HasAnIssue

 

 

 

 

 

Users can access an encrypted file regardless of the status of their certificate,

 

Users cannot access an encrypted file if the certificate of their encryption key is revoked or if the revocation list is not available,

 

Users cannot access an encrypted file if their certificate displays a warning or an error.

allowDecryption Indicates whether file decryption is allowed.

true,

false

Allow encryption
allowDeletion Indicates whether file deletion is allowed.

true,

false

Allow deletion
allowEncryptionAccording
ToDefinedRules
Indicates whether encryption is allowed according to the rules defined.

true,

false

Allow encryption according to the rules defined
allowSaveAndRestore Indicates whether backups and restorations are allowed.

true,

false

Allow save and restore
closeReportWindow

Indicates when to close the report window. Allowed values are:

  • "always" for the window to close after encryption,

  • "ifNoWarning" for the window to remain displayed when there is a warning,

  • "never" for the window to remain displayed after encryption.

always,

ifNoWarning, never

Closing the report window
excludedFolders Optional. List of folders to be excluded. This list is recursive. Character string N/A
ignoredApplications Optional. List of applications to be ignored. Character string N/A
openEncryptedFileIn
UnsecuredFolder

Defines the behavior when opening an encrypted file in a non-secure folder. Allowed values are:

  • "allow" to allow it,

  • "deny" to prohibit it,

  • "readonly" to allow it in read-only mode.

allow,

deny,

readOnly

Opening encrypted files in a non-secured folder
reencryptFilesWhen
RemovingCoworkers
Indicates whether files will be encrypted again if a co-worker is removed from the rule.

true,

false

Encrypt again files when removing coworkers from a rule
secureDragAndDrop

Defines the behavior when files or folders covered by a Data Team rule are copied or moved to a non-secure folder. Allowed values are:

  • "keepCurrentRule" to apply the rule of the destination folder after moving or copying,

  • "forbidden" to prohibit copying or moving,

  • "noDecryption" to not decrypt the file after moving or copying.

keepCurrent
Rule,

 

 

forbidden,

 

 

 

noDecryption

Decrypt when copying or moving,

 

Prohibit copying or moving,

 

Keep encryption when copying or moving

setCreationDateTo
CurrentDate
Indicates whether the creation date must be the current date.

true,

false

Set creation date to current date
setModificationDate
ToCurrentDate

Indicates whether the modification date must be the current date.

true,

false

Set modification date to current date
showCoworkers

Indicates when the rule is displayed. Allowed values are:

  • "always" so that all users can display the rule,

  • "onlyIfUserIsACoworker" so that only co-workers in the rule can show the rule,

always,

onlyIfUserIsA
Coworker

Show co-workers
showSuccessfully
ProcessedFiles
Indicates whether correctly encrypted files are shown in the progress window.

true,

false

Show encrypted files in the progress window
updateCoworker
KeyInKnownRules
Indicates whether the co-worker's key is updated in the known rules after a key renewal.

true,

false

Update a coworker's key in the known rules if the key has been renewed
useLocalCertificate
State
Indicates whether the status of the local certificate in the cache must be used if the CRL cannot be downloaded, or if it has expired.

true,

false

Use local certificate state in cache if the revocation list cannot be downloaded or if it is expired