Secure Enclave Registry Data Loss Prevention Policy

The "Registry for Secure Enclave" policy provides admins with the ability to customize the registry settings for the Secure Enclave on Windows devices. It allows for fine-grained control and configuration of the Secure Enclave's behavior to enhance security and meet specific organizational requirements. This article will guide you through the steps to manage the "Registry for Secure Enclave" policy effectively.

Accessing the "Registry for Secure Enclave" Policy

To access the "Registry for Secure Enclave" policy:

  1. Sign in to the administrative interface of your organization.

  2. Using the left-side navigation menu, click on Policy Admin.

  3. From the expanded options, select DLP Policy.

    Annotation

Modifying the "Registry for Secure Enclave" Policy

To modify the "Registry for Secure Enclave" policy:

  1. Locate the target policy within the DLP Policy section.
  2. Next to the "Registry for Secure Enclave" setting, click on the Change button.

    Annotation

Uploading a File

  1. In the policy editor, click on the Upload a File button.

    Annotation

  2. You can either drag and drop a file into the upload dialogue or click on the Browse Files button to select a file.

    imageedit_2_4465458508.png

  3. Select the desired file to upload. Please note that the supported file type for the "Registry for Secure Enclave" policy is .reg.
  4. The selected file will be displayed within the upload dialogue for review.

    imageedit_4_6567823868.png

  5. If the chosen file is not a valid .reg file, an error message will be displayed, and you will need to remove the errant one and select a different file.

    imageedit_6_5354448111.png

  6. Click on the Upload button to confirm the file upload.
  7. The upload dialogue will close, and the uploaded file will be displayed in the policy editor's "New File" list. The changes are not applied until the Apply button is clicked in the main policy window.

    Annotation

Applying the Policy

Policy change polling occurs hourly and will apply even if a user is logged in.
The changes can also be applied immediately if a user logs out/logs in.
  1. Once you have uploaded the desired files, click on the Apply button to apply the changes to the registry.

    imageedit_8_5302839215.png

  2. The policy editor will close, and the changes made to the registry settings will be applied.

Policy Conflict Handling

In cases where multiple files have been uploaded, conflicts may arise when applying changes to the registry. For example, a new file may attempt to modify a value that is already being modified by a previously uploaded file.

The system will check for any conflicting settings and prompt you with appropriate notifications or error messages to resolve the conflicts.

Screenshot

Exporting a File

To export a file from the "Registry for Secure Enclave" policy, click on the download icon located to the right of the file name in the list.

Annotation

This feature is useful when you want to tweak a specific registry setting using an existing file as a reference.

Removing a File

  1. To remove a file from the "Registry for Secure Enclave" policy, click on the trash icon located to the right of the file name in the list.

    Annotation

  2. A confirmation popup will appear. Click on the Remove button to proceed with the removal.

    imageedit_10_9051245223.png

  3. The confirmation dialogue will close, and the selected file will be removed from the file list.
  4. Click on the Apply button to finalize the change, or click Cancel to discard the change.

Was this article helpful?