Viewing CRES encrypted e-mails after employee terminates?
What is Cisco's position on decrypting CRES encrypted e-mails that are part of an employee's mailbox that no longer works for my company.
For example, we keep all of Tom's e-mail because he deals with very senstive issues and encrypts a large portion of his e-mails with CRES and desktop encryption. Tom wins the lottery and moves on. Six month's later our company is put under legal discovery for information that we know is in Tom's mailbox and is encrypted. But, we do not have his CRES password. Can we request his password be reset on his behalf? Does Cisco have a way to decrypt e-mails in bulk so that we don't have to manually decrypt the e-mails individually?
No. We do not have a way to get that un-encrypted - bulk, or otherwise. We (as Cisco) would just go through at that point and perform a user reset on the account in question --- which would reset the password and "secrets" answers. After that - the account would be forced to go through and re-establish the basic user setup. If you request this through a CRES admin account for your company - we can comply with that. But, if you are a non-admin - then we will not.
If an end-user does leave your company - happiliy with millions, or with sad force... CRES accounts aren't deleted - but you (as an admin), or Cisco, from global admin use, can lock the account. (We'd prefer to see the happily with millions - and wealth sharing for all!)
Normally - as long as you have your CRES account properly setup, you are an admin, AND you can properly log in and assure that your domain is tied to the CRES account correctly --- you should see and be able to search/view your company domain users that have CRES accounts created.
As stated by the CRES Admins, it is against CRES policy to delete users. You have the option to select the individual user and set their status to either Locked or Blocked. This will essentially prevent that user from accessing secure emails for the selected account.
One correction, to prevent users from opening existing envelopes (or logging into CRES itself), set them to Locked. If you set them to Blocked, the user can go through the forgot password process to get themselves active again, which presumably you don't want. Locked can only be reversed by an admin.
Application Protection, Availability & Security
Join our webinar May 6th to gain valuable industry insights into the most recent application cyber attacks and to understand the potential impact bot traffic is having on your business.
The purpose of this document is to demonstrate how ISE authenticate / authorize a user that uses a smart card (PIN + Certificate) and password mechanism to login their system. This document describes the components used for this setup, configuration of IS...
For all versions of the Email Security Appliance (ESA) and Security Management Appliance (SMA), some Secure Sockets Link (SSL) certificates issued from the QuoVadis root certificate authority (CA) trust chain before 2021-03-31 cannot b...
Automation and programmability for networking and security are increasingly important topics. Every release since ISE 1.2 has included new REST API capabilities to better automate and integrate ISE with the rest of your network, appli...