Advanced Permissions
Click here to see this page in full context

Advanced permissions

Date and time

You can use the Date and Time restrictions to limit access to a file within a specific time period. You may specify a start date and time or an end date and time or both. 

When opening a file having Date and Time restrictions, the Policy Server date will be considered if the file is opened in Online mode.

Number of days

The Number of Days restriction allows you to limit the number of days for which the file will be accessible to a user. The number of days may be counted from either

The day the file is protected     
                         
OR                

The day the file is first accessed by the user

For the latter, each authorized user may first access the file on different days and the system will track each user separately. 

Machine lock

The Lock-to-Machine permission allows you to limit access to a file to one particular computer or device only. The file is 'locked' to the computer on which it is first opened. As long as this permission is in effect, users cannot open the file on any other computer. Each user's computers/devices are tracked individually.

When a file is opened the first time by a user, their computer's details are saved on the Seclore Policy Server. Whenever they attempt to access a file, the system will verify whether it is being accessed on the same computer as last time. That particular user will not be able to open the file on any other computer. 

Resetting the machine lock

It is possible for the file owner or a Security Administrator to 'reset' the lock on a protected file for a particular user. In this case, the file will become 'unlocked' from a computer and then get locked to the computer on which it is opened next. See Unlocking a File from a Device for more information.

Location based restrictions

While creating a policy you can restrict access to files to a particular range of IP addresses. If this restriction is applied, the file can be accessed from a computer that has IP addresses that fall within the specified range only. A maximum of 10 such distinct ranges can be defined for one user in a policy. 

A few things to note assigning IP address ranges:

  1. Only IPv4 addresses are allowed. As of Seclore 2.48.0.0 (August 2013), IPv6 addresses are not supported.
  2. The same range cannot be entered twice.
  3. Both the From and To IP address ranges are required.
  4. The IP address entered in the From field must be less than or equal to that in the To field. If you wish to restrict file usage to only one IP address, enter the same address in both fields. 
  5. The numbers in the first block should be the same for the From and To IP addresses. For example, if the From address starts with 192, the To address should also start with 192.

It is recommended that you install the latest version of your browser to use this feature.