PGP Viewer for ios. Administrator s Guide 1.0

Similar documents
PGP Viewer for ios. User s Guide 1.0

Symantec PGP Viewer for ios

Symantec Encryption Management Server and Symantec Data Loss Prevention. Integration Guide

Symantec Workflow Solution 7.1 MP1 Installation and Configuration Guide

Symantec Encryption Desktop Version 10.2 for Mac OS X Release Notes. About Symantec Encryption Desktop

Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark. For Red Hat Enterprise Linux 5

Symantec Endpoint Encryption Full Disk Maintenance Pack Release Notes

Symantec Enterprise Security Manager Baseline Policy Manual for Security Essentials. Solaris 10

Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark. AIX 5.3 and 6.1

Symantec Enterprise Security Manager Modules for Oracle Release Notes

Veritas CommandCentral Enterprise Reporter Release Notes

PGP(TM) Universal Server Version 3.2 Maintenance Pack Release Notes

IM: Symantec Security Information Manager Patch 4 Resolved Issues

Configuring Symantec. device

Configuring Symantec Protection Engine for Network Attached Storage for Hitachi Unified and NAS Platforms

Veritas Storage Foundation and High Availability Solutions Getting Started Guide

Altiris Client Management Suite 7.1 from Symantec User Guide

Symantec NetBackup Vault Operator's Guide

Symantec Enterprise Security Manager Modules for Microsoft SQL Server Databases Release Notes. Release 2.1 for Symantec ESM 6.0, 6.1, and 6.5.

Veritas Cluster Server Application Note: High Availability for BlackBerry Enterprise Server

Veritas SaaS Backup for Office 365

Symantec Enterprise Vault Technical Note

Altiris Software Management Solution 7.1 from Symantec User Guide

Veritas Storage Foundation and High Availability Solutions Getting Started Guide

Configuring Symantec AntiVirus for BlueArc Storage System

Symantec Enterprise Vault Technical Note

Symantec Endpoint Protection Integration Component User's Guide. Version 7.0

Symantec ServiceDesk 7.1 SP1 Implementation Guide

PGP Desktop Version 10.2 for Windows Maintenance Pack Release Notes

Symantec Security Information Manager FIPS Operational Mode Guide

Symantec ApplicationHA Release Notes

Symantec Backup Exec System Recovery Granular Restore Option User's Guide

Veritas SaaS Backup for Salesforce

Security Content Update Release Notes for CCS 12.x

Symantec Enterprise Security Manager JRE Vulnerability Fix Update Guide

PGP(TM) Universal Server Version 3.2 Maintenance Pack Release Notes

Veritas Dynamic Multi-Pathing readme

Veritas Desktop and Laptop Option 9.2. Disaster Recovery Scenarios

Symantec Mobile Management 7.1 Implementation Guide

Veritas Storage Foundation and High Availability Solutions HA and Disaster Recovery Solutions Guide for Microsoft SharePoint Server

Symantec Enterprise Security Manager IBM DB2 Modules User Guide for Windows and UNIX. Version 4.2

Symantec Enterprise Security Manager IBM DB2 Modules User Guide for Windows and UNIX. Version 4.6

Veritas Storage Foundation and High Availability Solutions Application Note: Support for HP-UX Integrity Virtual Machines

Veritas Operations Manager Storage Insight Add-on for Deep Array Discovery and Mapping 4.0 User's Guide

Symantec NetBackup Appliance Fibre Channel Guide

Symantec Enterprise Vault

Veritas Cluster Server Library Management Pack Guide for Microsoft System Center Operations Manager 2007

Symantec Encryption Desktop Version 10.3 for Windows Maintenance Pack Release Notes

Symantec NetBackup for Lotus Notes Administrator's Guide. Release 7.6

Creating New MACHINEGUID and Disk UUID Using the PGPWdeUpdateMachineUUID.exe Utility

Altiris IT Analytics Solution 7.1 from Symantec User Guide

Symantec NetBackup for Enterprise Vault Agent Administrator's Guide

Symantec NetBackup OpsCenter Reporting Guide. Release 7.7

Veritas Desktop and Laptop Option 9.2. High Availability (HA) with DLO

Veritas System Recovery 18 Linux Edition: Quick Installation Guide

About Symantec Encryption Management Server

Altiris PC Transplant 6.8 SP4 from Symantec User Guide

Symantec ServiceDesk 7.1 SP2 Portal User Guide

Symantec System Recovery 2013 R2 Management Solution Administrator's Guide

Symantec ApplicationHA Agent for Microsoft Internet Information Services (IIS) Configuration Guide

Symantec Enterprise Vault Technical Note

Symantec Endpoint Encryption Full Disk Maintenance Pack Release Notes

Symantec ApplicationHA Agent for Microsoft SQL Server 2008 and 2008 R2 Configuration Guide

Security Content Update Release Notes. Versions: CCS 11.1 and CCS 11.5

Symantec NetBackup for Enterprise Vault Agent Administrator's Guide

Veritas Backup Exec Migration Assistant

PGP NetShare Quick Start Guide Version 10.2

NetBackup Copilot for Oracle Configuration Guide. Release 2.7.1

Veritas System Recovery 18 Management Solution Administrator's Guide

Veritas Disaster Recovery Advisor Release Notes

Veritas Storage Foundation and High Availability Solutions Getting Started Guide - Linux

Symantec Disaster Recovery Advisor Release Notes

Veritas Storage Foundation and High Availability Solutions Application Note: Support for HP-UX Integrity Virtual Machines

Symantec Endpoint Encryption Full Disk Maintenance Pack Release Notes

Veritas Cluster Server Database Agent for Microsoft SQL Configuration Guide

Veritas Dynamic Multi-Pathing for Windows Release Notes

PGP Portable Quick Start Guide Version 10.3

Wise Mobile Device Package Editor Reference

Partner Information. Integration Overview. Remote Access Integration Architecture

Symantec Managed PKI. Integration Guide for AirWatch MDM Solution

Veritas NetBackup Copilot for Oracle Configuration Guide. Release 2.7.2

Symantec Enterprise Vault

Symantec Encryption Management Server

Symantec Encryption Management Server

Veritas System Recovery 16 Management Solution Administrator's Guide

Partner Information. Integration Overview Authentication Methods Supported

Veritas Storage Foundation and High Availability Solutions HA and Disaster Recovery Solutions Guide for Enterprise Vault

PGP Universal Server. Upgrade Guide 3.2

Symantec ediscovery Platform

PGP NetShare FlexResponse Plug-In for Data Loss Prevention

Veritas Storage Foundation Add-on for Storage Provisioning User's Guide. 4.0 Release Update 1

Symantec Enterprise Security Manager Modules for IBM DB2 Databases (Windows) User s Guide 3.0. Release for Symantec ESM 6.5.x and 9.

Veritas Storage Foundation and High Availability Solutions Microsoft Clustering Solutions Guide for Microsoft Exchange 2007

Veritas NetBackup for SQLite Administrator's Guide

Symantec LiveUpdate Administrator 2.3 User's Guide

Symantec NetBackup for Microsoft Exchange Server Administrator s Guide

Symantec NetBackup Deduplication Guide. Release 7.0

Symantec Corporation NetBackup for Microsoft Exchange Server Administrator s Guide

Symantec Network Access Control Linux Agent User Guide

Symantec NetBackup PureDisk Storage Pool Installation Guide

Transcription:

PGP Viewer for ios Administrator s Guide 1.0

The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement. Version 1.0.2. Last updated: November 2012. Legal Notice Copyright (c) 2012 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, PGP, Pretty Good Privacy, and the PGP logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Java is a registered trademark of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any. THE DOCUMENTATION IS PROVIDED"AS IS"AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE. The Licensed Software and Documentation are deemed to be commercial computer software as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19 "Commercial Computer Software - Restricted Rights" and DFARS 227.7202, et seq. Commercial Computer Software and Commercial Computer Software Documentation, as applicable, and any successor regulations. Any use, modification, reproduction release, performance, display or disclosure of the Licensed Software and Documentation by the U.S. Government shall be solely in accordance with the terms of this Agreement. Symantec Corporation 350 Ellis Street Mountain View, CA 94043 Symantec Home Page (http://www.symantec.com) Printed in the United States of America. 10 9 8 7 6 5 4 3 2 1

Contents About PGP Viewer for ios Who Should Read This Guide Important Terms System Requirements PGP Viewer for ios and the PGP Universal Server Additional Resources Technical Support Contacting Technical Support Licensing and registration Customer service Support agreement resources Before You Deploy PGP Viewer for ios About Your Organization's PGP Universal Server About the Configuration File About Policies Using PGP Viewer for ios with PGP Universal Server Version 3.2 and later About Installation About Configuration About Keys Deploying PGP Viewer for ios 1 1 1 2 3 3 4 4 5 5 5 7 7 8 9 9 10 10 11 13 Assisting Your PGP Viewer for ios Users 15 The End-User Experience During the Installation Process During the Configuration Process During Normal Usage 17 17 17 18

1 About PGP Viewer for ios PGP Viewer for ios decrypts, verifies, and displays PGP-encrypted messages and attachments on devices running Apple ios software. Note: You cannot encrypt or sign messages using this version of PGP Viewer for ios. This Guide assumes you are a PGP administrator responsible for: Getting Windows device users in your organization up and running with PGP Viewer for ios. Setting up your Windows device users so that they can decrypt and verify messages per organizational policy. This Guide assumes you are familiar with your organization's PGP Universal Server and have read the PGP Universal Server Administrator's Guide. In This Chapter Who Should Read This Guide... 1 Important Terms... 1 System Requirements... 2 PGP Viewer for ios and the PGP Universal Server... 3 Additional Resources... 3 Technical Support... 4 Who Should Read This Guide This Guide assumes you are a PGP administrator responsible for: Getting ios device users in your organization up and running with PGP Viewer for ios. Setting up your ios device users so that they can decrypt and verify messages per organizational policy. This Guide assumes you are familiar with your organization's PGP Universal Server and have read the PGP Universal Server Administrator's Guide. Important Terms Understanding the following terms makes it easier to use PGP Viewer for ios:

2 About PGP Viewer for ios System Requirements PGP Viewer for ios: A software product from Symantec Corporation that decrypts, verifies, and displays PGP-encrypted messages and attachments from a PGP Universal Server-managed email account on an Apple ios device. ios device: A device from Apple Computer that runs their ios mobile operating system. The iphone, ipod Touch, and ipad are all ios devices. PGP-encrypted message: An email message (and attachments) that has been encrypted by a PGP encryption product. PGP Universal Server: A software/hardware product from Symantec Corporation used for configuration and management of PGP encryption applications. encrypt: To scramble data so that it is unreadable. decrypt: To take encrypted data and make it readable again. enrollment: A process that establishes a relationship between a PGP Universal Server and client software, such as PGP Viewer for ios. This can be done manually by entering the required configuration information or automatically using a configuration file. LDAP Directory Synchronization: a feature of PGP Universal Server that lets your PGP Universal Server query your organization's LDAP directory server (a Microsoft Active Directory server, for example), thus accessing existing information about configured users, including their authentication credentials. key mode: One of the four "modes" in which a PGP keypair can be created. The four modes are Server Key Mode (SKM), Guarded Key Mode (GKM), Client Key Mode (CKM), and Server Client Key Mode (SCKM). SKM and GKM keys can be automatically downloaded to the ios device of your users; CKM and SCKM keys must be saved to a key file and then emailed to the ios device of your users for them to be used. System Requirements PGP Universal Server requirements System requirements for a PGP Viewer for ios deployment are: PGP Universal Server version 3.x. Managed email account on a PGP Universal Server with the LDAP Directory Synchronization feature enabled. Note: Your users can install PGP Viewer for ios on an ios device without having a managed email account on a PGP Universal Server with the LDAP Directory Synchronization feature enabled. They cannot configure or use PGP Viewer for ios without such an account, however. PGP Viewer for ios decrypts PGP/MIME, Partitioned text/html, and Partitioned text/plain messages. Decryption of S/MIME messages is not supported. Apple device requirements PGP Viewer for ios runs on the following devices:

About PGP Viewer for ios PGP Viewer for ios and the PGP Universal Server 3 Apple ipad 2 and ipad 3 (previously new ipad) Apple iphone 4S and iphone 5 Apple ipod Touch (4th and 5th Generations) PGP Viewer for ios runs on the following operating systems: Apple ios v6 Apple ios v5.x PGP Viewer for ios supports all resolutions of these ios devices in both portrait and landscape orientations. PGP Viewer for ios requires a managed email account on a PGP Universal Server with the LDAP Directory Synchronization feature enabled. PGP Viewer for ios and the PGP Universal Server PGP Viewer for ios requires that users be in a PGP Universal Server-managed environment where the LDAP Directory Synchronization feature is enabled and each user has an existing account with authentication credentials on the LDAP directory. During configuration, your users will be required to enroll with a specific PGP Universal Server. Enrollment information can be provided automatically using a configuration file you supply or by manually entering the information. PGP Viewer users enroll with their PGP Universal Server using their LDAP credentials, whether they are automatically or manually providing enrollment information. This requires that the PGP Universal Server managing your PGP Viewer users has the LDAP Directory Synchronization feature enabled and that each user has an existing account with authentication credentials on the LDAP directory. Policies from your organization's PGP Universal Server are automatically downloaded to the Windows device of your users during enrollment. Additional Resources Information about PGP Viewer is available from several sources: PGP Viewer for ios Administrator's Guide is available on the Symantec PGP Product Page http://www.symantec.com/business/theme.jsp?themeid=pgp. The administrator's guide (this guide) includes information for responsible for deploying and/or managing PGP Viewer users. PGP Viewer for ios Release Notes: Include the latest available information about the current release of PGP Viewer for ios. PGP Viewer for ios User's Guide is available on the Symantec PGP Product Page http://www.symantec.com/business/theme.jsp?themeid=pgp. The user's guide includes information for people using PGP Viewer on their Windows devices. PGP Viewer on-device help is available from within the application itself. To view the on-device help, open PGP Viewer for ios, tap Menu, then tap Help.

4 About PGP Viewer for ios Technical Support Technical Support Symantec Technical Support maintains support centers globally. Technical Support s primary role is to respond to specific queries about product features and functionality. The Technical Support group also creates content for our online Knowledge Base. The Technical Support group works collaboratively with the other functional areas within Symantec to answer your questions in a timely fashion. For example, the Technical Support group works with Product Engineering and Symantec Security Response to provide alerting services and virus definition updates. Symantec s support offerings include the following: A range of support options that give you the flexibility to select the right amount of service for any size organization Telephone and/or Web-based support that provides rapid response and up-to-the-minute information Upgrade assurance that delivers software upgrades Global support purchased on a regional business hours or 24 hours a day, 7 days a week basis Premium service offerings that include Account Management Services For information about Symantec s support offerings, you can visit our Web site at the following URL: www.symantec.com/business/support/ All support services will be delivered in accordance with your support agreement and the then-current enterprise technical support policy. Contacting Technical Support Customers with a current support agreement may access Technical Support information at the following URL: www.symantec.com/business/support/ Before contacting Technical Support, make sure you have satisfied the system requirements that are listed in your product documentation. Also, you should be at the computer on which the problem occurred, in case it is necessary to replicate the problem. When you contact Technical Support, please have the following information available: Product release level Hardware information Available memory, disk space, and NIC information Operating system Version and patch level Network topology Router, gateway, and IP address information

About PGP Viewer for ios Technical Support 5 Problem description: Error messages and log files Troubleshooting that was performed before contacting Symantec Recent software configuration changes and network changes Licensing and registration If your Symantec product requires registration or a license key, access our technical support Web page at the following URL: www.symantec.com/business/support/ Customer service Customer service information is available at the following URL: www.symantec.com/business/support/ Customer Service is available to assist with non-technical questions, such as the following types of issues: Questions regarding product licensing or serialization Product registration updates, such as address or name changes General product information (features, language availability, local dealers) Latest information about product updates and upgrades Information about upgrade assurance and support contracts Information about the Symantec Buying Programs Advice about Symantec's technical support options Nontechnical presales questions Issues that are related to CD-ROMs or manuals Support agreement resources If you want to contact Symantec regarding an existing support agreement, please contact the support agreement administration team for your region as follows: Asia-Pacific and Japan Europe, Middle-East, Africa North America, Latin America customercare_apac@symantec.com semea@symantec.com supportsolutions@symantec.com

2 Before You Deploy PGP Viewer for ios To ensure a successful deployment of PGP Viewer, there are a number of things you need to do before you deploy. Before you deploy PGP Viewer for ios, make sure: Your organization's PGP Universal Server is set up correctly. The LDAP Directory Synchronization feature must be enabled and configured correctly. The LDAP directory is set up correctly. Each PGP Viewer user must have a working account and know their authentication credentials. You have correctly configured policies that affect your PGP Viewer users. Each PGP Viewer user is set up correctly. Each user must have a messaging account on the PGP Universal Server and know his or her authentication credentials. Also, each must have an email application on the Windows device that is configured to send and receive email using the email address managed by your organization's PGP Universal Server. Users know how to install PGP Viewer on their Windows device. Users know how to configure PGP Viewer once it is installed. Users know how to get their PGP key onto their Windows device, if it is not automatically downloaded for them. In This Chapter About Your Organization's PGP Universal Server... 7 About the Configuration File... 8 About Policies... 9 About Installation... 10 About Configuration... 10 About Keys... 11 About Your Organization's PGP Universal Server Your organization's PGP Universal Server must be configured correctly in order to support PGP Viewer users.

8 Before You Deploy PGP Viewer for ios About the Configuration File Each PGP Viewer user must have an existing account on your organization's PGP Universal Server. This is the email account that they configure on their Windows device so that they can download encrypted messages. You need to provide the information they require so they can configure this account on their Windows device. If they do not know how to configure an email account on an Windows device, you may have to assist them.. Your organization's PGP Universal Server must have the LDAP Directory Synchronization feature enabled. This feature allows your PGP Viewer user to authenticate to your organization's PGP Universal Server using the authentication credentials on the LDAP server. Each PGP Viewer user must have an existing account on your organization's LDAP server and know the password for their account. Even if your users are configuring PGP Viewer using a configuration file, they will need to know their LDAP password to authenticate to the PGP Universal Server. About the Configuration File Creating and providing a configuration file to your PGP Viewer users helps those users to configure PGP Viewer, and they do not have to enter any information during the configuration process except their LDAP account and proxy server passwords. The configuration file must be able to be opened by PGP Viewer, so it should be named as a file name similar to enroll.pgp. The fields in the PGP Viewer configuration file are: pgpstamp: The fully qualified domain name or IP address of your organization's PGP Universal Server. LDAPUserName: The user name of the PGP Viewer user on your organization's LDAP server. useproxyserver: This value is true if your PGP Viewer users connect to your organization's PGP Universal Server via a proxy server; False if they do not. proxyserverhostname: The fully qualified domain name or IP address of the proxy server. This value is required when your PGP Viewer users connect to your organization's PGP Universal Server using a proxy server. proxyserverport: The port number to use on the proxy server. This value is required when your PGP Viewer users connect to your organization's PGP Universal Server using a proxy server. proxyserverusername: The user name of the PGP Viewer for ios user on the proxy server. This value is required when your PGP Viewer users connect to your organization's PGP Universal Server using a proxy server. Note: Neither the LDAP account or proxy server passwords are stored in the configuration file. Following is a sample configuration file: <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE plist PUBLIC "-//PGP Corporation//DTD PLIST 1.0//EN" "http://www.pgp.com/dtds/pgppropertylist-1.0.dtd">

Before You Deploy PGP Viewer for ios About Policies 9 <plist version="1.0"> <dict> <key>pgpstamp</key> <string>192.168.137.100</string> <key>ldapusername</key> <string>wjb</string> <key>useproxyserver</key> <true></true> <key>proxyserverhostname</key> <string>192.168.137.98</string> <key>proxyserverport</key> <integer>3128</integer> <key>proxyserverusername</key> <string>wjb</string> </dict> </plist> About Policies Policies from your organization's PGP Universal Server that apply to mobile devices also apply to PGP Viewer. Policies from your organization's PGP Universal Server are automatically downloaded to the Windows device of your users during enrollment. Policies are not refreshed on a regular basis. Using PGP Viewer for ios with PGP Universal Server Version 3.2 and later Mail policies and preferences for your PGP Viewer users are automatically downloaded during configuration of PGP Viewer. If you add a preference or change an existing preference after PGP Viewer is installed on a mobile device, the new settings are automatically downloaded during re-enrollment on the Windows device. Windows users can force an update of preferences and policies by selecting Reset Server Connections (from the Settings screen). Mail policies and preferences for your PGP Viewer users are stored on your PGP Universal Server. To use the default settings for all PGP Viewer preferences, you do not have to do anything. The settings are downloaded and implemented automatically. To use settings for PGP Viewer preferences other than the default settings, you must specify the setting you want to use. Any PGP Viewer preference not specified uses the default setting. Warning: Preferences should be edited with caution. A misconfiguration can result in your PGP Viewer clients to stop functioning properly. Use PGP Universal Server to manage mail and consumer policy for PGP Viewer. Mail Policies Mail policies for your PGP Viewer users are created on your PGP Universal Server and then downloaded to your PGP Viewer users.

10 Before You Deploy PGP Viewer for ios About Installation Refer to the PGP Universal Server Administrator's Guide for complete information about configuring mail policies. Note: Not everything in the mail policy chains downloaded to your PGP Viewer users apply to them; any mail policy settings that do not apply to PGP Viewer are ignored. Included in PGP Universal Server v3.x is the Default: Desktop mail policy chain from Mail > Mail Policy. This is the default mail policy that is downloaded to your PGP Viewer users' Windows devices. You can edit this policy or create new policies if desired. Configuring Consumer Policy Options for PGP Viewer for ios To specify policy options, in PGP Universal Server, select Consumers > Consumer Policy > Consumer Policy Options (select any policy). Under Keys, click Edit. In the Key Settings screen, click the Options tab. The options you can change are: Save passphrases for the current session only. Automatically saves passphrases in memory until the user logs off their device or ends the session. If you enable this option, your users are prompted for their passphrase every session. Save passphrases for X (hh:mm:ss). Automatically saves passphrases in memory for the specified duration of time. If you enable this option, your users are prompted for their passphrases once for the initial signing or decrypting task; they are not prompted to type it again until the specified time has elapsed. The default setting is 0:3:0 (3 minutes). Do not save passphrases. Prevents your users' passphrases from being stored in memory. If you enable this option, your users must type their passphrase each time it is needed. About Installation <pc_viewer is currently only available for installation from Apple's App Store. Your PGP Viewer for ios users will have to install PGP Viewer for ios from the App Store. Refer to the PGP Viewer for ios User's Guide for detailed installation instructions. About Configuration After installation, PGP Viewer must be configured so that your users can enroll with your organization's PGP Universal Server. Your PGP Viewer users must provide the following configuration information: The PGP Universal Server they want to enroll with. Who they are.

Before You Deploy PGP Viewer for ios About Keys 11 Once this information is provided, users are enrolled and your organization's PGP Universal Server downloads the appropriate policies to the user's Windows device. There are three ways to configure PGP Viewer and enroll with a PGP Universal Server: Using a configuration file. The configuration file provides all of the information your PGP Viewer users need to enroll, except for the password to their LDAP account. Passwords should never be stored unencrypted in a configuration file. Your PGP Viewer users need to enter the password to their LDAP account to complete the process. Manually entering required information, by using a direct connection to your organization's PGP Universal Server. In this case, your PGP Viewer users must manually enter the required configuration information on their Windows device. Manually entering required information, by connecting to your organization's PGP Universal Server using a proxy server. In this case, your PGP Viewer users must manually enter the required configuration information plus the information about your organization's proxy server on their Windows device. Refer to the PGP Viewer for ios User's Guide for detailed configuration instructions. About Keys PGP Viewer for ios itself does not create PGP keys, but it uses them to decrypt encrypted messages and to verify signatures (if this feature is enabled). In the case of SKM keys, if the key does not exist on the PGP Universal Server, PGP Viewer sends a request to the PGP Universal Server to create the key for the user. PGP Viewer for ios supports all four modes in which a PGP keypair can be created: Server Key Mode (SKM). The private key is stored unencrypted on the PGP Universal Server. SKM keys for a PGP Viewer user are automatically downloaded to their Windows device when they enroll. Your users do not need to do anything else other than enroll to use their key. Guarded Key Mode (GKM). The private key is stored encrypted on the PGP Universal Server. GKM keys for a PGP Viewer user are also automatically downloaded to the user's Windows device when enrolling. The user is required to enter the passphrase to their private key in order to use it. Client Key Mode (CKM). The private key is stored encrypted on a PGP client, such as PGP Desktop. To use a CKM key with PGP Viewer, the keypair must be saved to a key file and emailed and retrieved on the Windows device. When received, the user must open the emailed attachment using PGP Viewer and provide the passphrase to the private key. The key is then imported into PGP Viewer and is ready for use. Refer to the PGP Viewer for ios User's Guide for detailed instructions about importing a CKM key. Server Client Key Mode (SCKM). The key is generated on a PGP client, such as PGP Desktop. Private encryption subkeys are stored both on the client and on the PGP Universal Server while private signing subkeys are stored only on the client. To use an SCKM key with PGP Viewer, the keypair must be saved to a key file and emailed to and retrieved on the Windows device. When received, the user must open the emailed attachment using PGP Viewer and provide the passphrase to the private key. The key is then imported into PGP Viewer and is ready for use.

12 Before You Deploy PGP Viewer for ios About Keys Refer to the PGP Universal Server Administrator's Guide for more information about PGP key modes. Refer to the PGP Viewer for ios User's Guide for the procedure for downloading keys onto an Windows device for use with PGP Viewer.

3 Deploying PGP Viewer for ios PGP Viewer for ios is currently available only through the Apple App Store. Your PGP Viewer for ios users must install the app using the Apple App Store.

4 Assisting Your PGP Viewer for ios Users There are a number of things that PGP Corporation recommends you do to help support your PGP Viewer for ios users: Provide your PGP Viewer users with a written statement about appropriate uses for PGP Viewer. Include a summary of your official corporate security policies and how they can use PGP Viewer to conform to those policies. You might want to include, for example, whether or not they are allowed to include decrypted text in replies to messages that the received encrypted and whether they can use corporate email on their Windows device if they do not use PGP Viewer. Make sure they get a copy of the PGP Viewer for ios User's Guide. Strongly encourage them to read the user's guide before installing PGP Viewer on their Windows devices. Tell them about the other resources that are available to them, including the on-device help and any assistance your organization provides. Give them a phone number to call or an email address to write to in case they experience problems. Set up a system so that each user can report a successful installation.

5 The End-User Experience You can help ensure a successful end-user experience with PGP Viewer for ios by preparing your end users for the installation, configuration, and usage of PGP Viewer. If you decide to provide your PGP Viewer users with a document created by your organization, you may want to include some or all of the points listed here. In This Chapter During the Installation Process...17 During the Configuration Process...17 During Normal Usage...18 During the Installation Process The following items may impact your PGP Viewer users during installation: Your PGP Viewer for ios users must get the PGP Viewer installer from the appropriate app store. If they are not very familiar with the app store and/or how to install Windows apps, they may need assistance. During the Configuration Process The following items may impact your PGP Viewer users during the configuration process: If their account on your organization's PGP Universal Server is not correctly set up, then your PGP Viewer users will be able to install PGP Viewer for ios correctly, but they will not be able to configure it correctly or get it to work. Make sure: Each PGP Viewer user has a managed account on your organization's PGP Universal Server. Your organization's PGP Universal Server has the LDAP Directory Synchronization feature enabled. Each PGP Viewer user has an account on the LDAP directory and knows his or her authentication credentials. If access to your organization's PGP Universal Server is through a proxy server, notify your PGP Viewer users that must manually configure the proxy server information and inform them that they need to enter this information during configuration.

18 The End-User Experience During Normal Usage Notify those PGP Viewer users who will have to download their key to their Windows device manually that they need to do this. This applies to PGP Viewer users whose PGP key is Client Key Mode (CKM) or Server Client Key Mode (SCKM). During Normal Usage The following items may impact your PGP Viewer for ios users during normal usage: Encrypted messages they receive will not be readable. Depending on the format of the message, they may see attachments, encrypted text, or attachments and encrypted text where they are expecting the body of the message. They need to know that this is the type of message that is opened by PGP Viewer. Encrypted messages are not opened directly by PGP Viewer; instead, your PGP Viewer users must open the encrypted message first and then take the appropriate action to read the text based on the format of the encrypted message. PGP Viewer functionality may change from time to time if the policies change that apply to a user.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback