Creating secret encryption keys
About this task
You can create a secret encryption key and then use that key to encrypt fields in a database. Then, only users who have the secret encryption key can read the fields. Before you distribute the key, you must merge the secret key into your user ID. Then you can distribute the key to other users, who, in turn, must merge the secret key into their user IDs.
To create a secret encryption key
Procedure
- Choose File - Security - User Security.
- Click the Notes® Data tab, then Documents.
- Click New Secret Key.
- Enter a name for the new key.
- Optional: Write a comment to explain the key's use -- for example, the databases to use it with, the people who have copies of it, and so on.
- Click OK, then click Done.
To attach a secret encryption key to a document
Procedure
- Open the document you are encrypting.
- Choose File - Document Properties.
- Click the Security tab.
- Choose one or more secret encryption keys that you created, or choose the people who can use their public key to access the document (click the person icon next to the "Public Encryption key" field) under "Encryption Keys".
- Send or close the document.
Considerations
About this task
Before you distribute secret keys, consider the following:
- Allow only users who have Manager access in the database ACL to send a key to users. Distribute the key to other managers of the database in an e-mail that allows them to send the key to other users. Distribute the key to users in a separate e-mail that prevents them from sending the key to others.
- If you distribute an encryption key to users who have Author access in the database ACL, they can remove encryption from any documents they create.
- If you distribute the key to users who have Editor or higher access in the database ACL, they can remove encryption from documents that other users create.