Policy
Keyavi uses geolocation
The ability to track a device’s physical whereabouts down to latitude and longitude coordinates, or more practically, a physical address, using GPS, cell phone towers, WiFi access points and IP address lookup, or a combination of these. policies Rules associated with a protected payload that designate which users can access the encrypted file, from what locations, and for what time periods. to validate whether users or API calls have access to Keyavi resources, including the Keyavi Portal, Keyavi-protected data, and the public APIs. Use the Policy page to define organization-level allowed and excluded geolocations. Your users can provide more granular policies for each file they protect The process of encrypting a file and tying access policies to it so that authorized users can access the data securely based on restrictions set by the data owner..
As a Keyavi Policy Administrator, you can add, modify, remove, or exclude geolocations.
File protection operations are controlled by organization-level geolocation policies. File protection operations include calls to protect and open (executed via Keyavi APIs) in Intelligent Directory and Keyavi apps (Windows, Mac, Android, and iOS). In addition, Service Logs, Chain of Custody, and Policy Audit Trail in the Keyavi Portal are validated against the same node-level geolocation policies.
Add an Authorized Organization-level Geolocation
Define authorized locations by specifying country, state, city, zip code, or latitude/longitude coordinates. These authorized locations apply to all of your protected data. If users apply conflicting geopolicies A policy type that restricts data access based on specified geographical limitations configured at the organization level and on payloads. to their files, the organization-level policies apply.
Excluded countries cannot be added as an authorized location.
-
Select Geo Settings from Policy on the left navigation.
-
Click Add Location and provide the following information:
-
Define a location using one of these two methods:
-
Enter a city, address, or zip code in the Location search, and then select the matching location. Show me
The remaining fields populate with relevant details.
-
Using decimal degrees, enter the latitude and longitude coordinates Lat,Long. Show me
While the number of decimal places you use in the coordinates affects the precision of the geolocation protection, Keyavi checks only the first four digits of the user's location when evaluating access locations.
The remaining fields populate with the geolocation details for the entered coordinates.
-
-
In Location Name, enter a name to identify the location.
-
If you want this policy to apply to one user only, in User, select the user to apply the policy to.
-
Click Save Location.
Modify a Geolocation
-
Select Geo Settings from Policy on the left navigation.
-
Select a location from the list and click Modify Location.
-
Update the location information and then click Save Location.
Remove a Geolocation
To remove an existing authorized location:
-
Select Geo Settings from Policy on the left navigation.
-
Select a location from the list and click Remove Location.
-
If prompted, confirm the removal.
Set Geolocation Exclusions
Geolocation exclusions define countries that are not authorized to access Keyavi. Use exclusions to prevent access from countries known for threat activities. You can configure exclusions only at the country level.
Exclusions take precedence over authorized locations, so if you set up an exclusion and have a conflicting authorized location, Keyavi prevents access based on the exclusion.
-
Select Geo Settings from Policy on the left navigation.
-
To add an exclusion, provide the following information and then click Add.
-
Location
-
Country
-
Reason
-
Remove Geolocation Exclusion
To edit an existing excluded location:
-
Select Geo Settings from Policy on the left navigation.
-
Select the location from the list and then click Remove.
-
Click OK to confirm.