While all data on Creative Cloud and Document Cloud is encrypted, for extra layers of control and security, you can choose to have Adobe generate a dedicated encryption key for some or all the domains in your organization. Contents are then encrypted using the dedicated encryption key. If necessary, you can revoke the encryption key from the Admin Console.

Dedicated encryption keys are available only with the Creative Cloud or Document Cloud for enterprise shared services plans that include storage and services.

Does Adobe generate one encryption key per organization or one key per claimed domain?

You can use a dedicated encryption key for every active domain in your organization.

Will I be notified when existing content has been encrypted?

Yes, the Admin Console displays a notification when existing content has been encrypted.

Can I revoke the encryption key for a domain after it has been enabled?

Yes, you can revoke an encryption key. When you revoke the encryption key, your users can no longer access content that has been encrypted using the encryption key.

How do I restore access to content after the encryption key has been revoked?

To restore access to content whose encryption key has been revoked, re-enable the encryption key from the Admin Console.

Can users browse files after the encryption key is disabled?

Yes, users can browse files but cannot access the contents of the files.

What happens if the encryption key is revoked while a file sync operation is in progress?

The sync operation fails.

What apps, services, and data remain unaffected by the dedicated encryption key?

The following data is not encrypted using the dedicated encryption key and is therefore not affected if the key is revoked:

  • Data of members of an organization with an Adobe ID account (unless the user is collaborating on content when Enterprise ID or Federated ID users initiated the collaboration).
  • Metadata (file name, collection name, font use, MIME type, and other attributes necessary to browse a collection)
  • Videos published by Premiere Clip and Adobe Voice
  • Lightroom photos
  • Colors that are stored by the Adobe Color service
  • All data that is managed by the Behance and Adobe Font services
  • All data managed by the Marketing Cloud
  • Saved application preferences
  • Information about the account holder such as name, email, licenses, and other basic user account information.

Contact your Adobe Account Manager for more information.

If a user uploads data when the encryption key is revoked, will it be encrypted using standard encryption keys?

No, standard encryption keys will not be used. The user will not be able to upload data because no valid key is present.

Where can I find more information about Creative Cloud for enterprise security?

Where can I find more information about Document Cloud for enterprise security?

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy