You can apply Ionic DRM to files uploaded to supported cloud services through the use of DLP rules. Once encrypted, the files can only be viewed by authorized users through the Ionic plugin.
Define Rules in Ionic DRM Dashboard
In order to protect uploaded files with Ionic DRM, first create a policy in the Ionic DRM dashboard. Set the rule to encrypt files uploaded to your target cloud service. Please consult Ionic’s help documents for instructions on building rules in their dashboard.
Define Rules in Skyhigh CASB
Once configuration is complete in the Ionic Dashboard, you must create a rule in the Skyhigh CASB to pass the uploaded file to Ionic for encryption before uploading it to the cloud service. Follow these steps to define the appropriate rule:
- Navigate to Policy > DLP Policies and click Create Policy.
- Set type Proxy.
- Select the Service to be Managed (i.e. Salesforce).
- Choose Data Identifier as SSN.
- If you want all uploaded files to be protected by Ionic DRM, set the Rule for Collaboration: Upload.
- If you want other conditional rules to determine encryption (for example, to only encrypt documents that contain Social Security numbers), add the rules in addition to the Collaboration rule. For example, to protect documents with Social Security Numbers, add the rule Data Identifier: SSN.
- Because Ionic DRM’s plug-in cannot decrypt .xlsx files, set the exception rule for File Type: Microsoft Excel.
- Set the response Apply DRM.
Any file uploaded to the selected service (that matches any other rules) will be encrypted by Ionic DRM. Authorized users can view plain-text versions of the files through the Ionic Plugin.