Well there's an inbox solution for this in Windows, it will take some serious design and additional CAL purchases as well as custom development for Linux client usage however 2 of the three requirements are simple solves for Linux based clients (at rest, in transit) transparent decryption gets a bit harder. A quick bit of research seems to indicate you could right a java app using the rms 4.1 or later SDK to write a wrapper for your linux/mac clients to access Windows Rights Management enabled documents.
Encrypted at rest -- Bitlocker / Windows Rights Management Encrypted in transit -- SMB 3.0 Decryption on access limited to groups transparently -- Windows Rights Management Nathan Shelby [email protected] 425-205-9047 On Wed, Jan 25, 2017 at 2:22 PM, Richard Stovall <[email protected]> wrote: > Two things I can think of. > > - The shares might not live on Windows servers (could be addressed by > limiting to Windows servers). > > - The files need to remain encrypted if they are copied off to other > devices. Decryption should only be doable by approved parties in > appropriate AD groups. (Forgot to mention that this morning. Sorry.) > > > > On Wed, Jan 25, 2017 at 5:09 PM, Michael B. Smith <[email protected]> > wrote: > >> What’s wrong with BitLocker? >> >> >> >> *From:* [email protected] [mailto:[email protected] >> orum.com] *On Behalf Of *Richard Stovall >> *Sent:* Wednesday, January 25, 2017 10:15 AM >> *To:* [email protected] >> *Subject:* [NTSysADM] File share encryption >> >> >> >> How are folks encrypting files on shares? I need to have files on some >> shares encrypted with transparent decryption when authorized users access >> the files. >> >> >> >> Looking at Symantec/PGP file share encryption, but it is way overkill for >> what I'm trying to do. >> >> >> >> Ideally, the shares should be able to be Windows or Samba (Linux). Worst >> case, Windows only. >> >> >> >> Any suggestions? >> >> >> >> Thanks, >> >> RS >> > >
