SafeGuard Enterprise Cloud Storage allows you to define and use your own keys for encryption.
If you choose to override the centrally assigned encryption policy for cloud storage by assigning a different encryption key for any (sub)folder, this information is retained in a .sophos file. This .sophos file is stored in the folder that the user has selected the chosen key to be applied to.
In certain cases there can be more than one .sophos file in a folder. This can result in a different key to that which you expected being used for the encryption of files in this particular folder.
First seen in
SafeGuard Cloud Storage 6.00.1
SafeGuard Cloud Storage 6.0
Due to the nature of file synchronization across multiple computers, there is always a potential risk of having a file modified/created simultaneously in different locations. The synchronization process cannot resolve these conflicts, and therefore it usually creates a second instance of the file that has caused the conflict. It requires the user to resolve the conflict by deleting one or both files.
Typically, conflicts happen in either of the following circumstances:
- different users specify an encryption key to be used for the same folder at the same time
- a user defines a different key for a folder that has not yet been synchronized completely, but which already has an override set.
What To Do
- delete all .sophos files except for one (see note below).*
- delete all .sophos files and define a new key afterwards if required.
* Which .sophos file should you keep?
There is no general answer to this question. It depends on the purpose of the local key override. If the key is actually the same as the one that was defined previously in another location, the conflicting .sophos file can be deleted and the system will continue using the proper key. If the keys are not identical there is no simple solution. In that case the user should check with the originator of the initial key override to determine which key should be used.