Skip to main content

This article applies to Cloud.

Other available versions:

Version 6 | Version 5icon.qnmark.png

Available in:

StandardPremiumEnterprise
Small Business
Code42 Support

Endpoint monitoring not compatible with upgraded encryption settings

This article applies to Cloud.

Other available versions:

Version 6 | Version 5icon.qnmark.png

Available in:

StandardPremiumEnterprise
Small Business

Overview

Attempting to enable endpoint monitoring in an organization that uses upgraded archive encryption key security results in one of the following error messages:

  • "Your changes cannot be applied because one or more organizations use upgraded encryption settings."
  • "Your changes cannot be applied because this organization or child organizations use upgraded encryption settings."

Endpoint monitoring and upgraded archive security cannot be used at the same time. Upgraded archive security settings prevent access to a user's archives from any external source, including the Code42 cloud attempting to perform endpoint monitoring functions.

Considerations

  • Upgraded archive security may be enabled by:

Recommended solution

Reconfigure the users and organizations in your Code42 environment so users with upgraded archive encryption are not in organizations that use endpoint monitoring. Endpoint monitoring and upgraded archive security cannot be used at the same time.

To enable endpoint monitoring for a user with upgraded archive security, follow the steps in the alternative solution below to restart the user's backup.

Alternative solution

New backup required
The archive security level can never be downgraded, so the only way to enable endpoint monitoring for a user with upgraded archive security is to create a new account for the user and perform a new backup with standard archive encryption.

Repeat the steps below for each affected user.

  1. Sign in to the administration console as an administrator with permissions to manage the affected users.
  2. Select Users > Active.
  3. Select the affected user.
    The User details screen appears.
  4. From the action menu in the upper right, select Edit.
  5. Change the Email Address to indicate this account is no longer in use. For example, change clyde.bailey@example.com to clyde.bailey-deactivated@example.com.
    This allows you to re-use the the user's actual email address for the new account.
  6. Click out of the Email Address field, and click Update User.
  7. Deauthorize the user's devices. Follow these steps for each device associated with the user:
    1. From the user's details, select the user's device.
    2. The device details screen appears.
    3. From the action menu in the upper right, select Deauthorize.
      The user is signed out of the Code42 app on the device.
  8. Select Users > Active > Add A New User to create a new account for the user.
  9. Lock the archive encryption key setting:
    1. Go to Organizations > Active.
    2. Select the user's organization.
      The organization details screen appears.
    3. From the action menu in the upper right, select Device Backup Defaults.
    4. Select Security.
    5. From Archive Encryption Key, deselect Use default archive encryption key setting.
    6. Select Standard.
    7. Click the lock icon.
      This prevents users from changing this setting.
  10. Instruct the user to sign in to the Code42 app using the new account, and click Start Backup.
  11. Wait for the new backup to be 100% complete.
  12. Deactivate the user account with upgraded security. This account's username was updated in Step 5 above to indicate it's no longer in use.
    After deactivation, the files backed up by this account cannot be restored, so it is important to make sure the backup for the new user is complete.
  13. Enable endpoint monitoring.