Objective
This article explains how to disable zip file web restores for an organization to improve security. Disabling this feature limits file exfiltration potential by preventing users from downloading data in a browser. It also prevents unencrypted files from existing on a storage server, which secures user data from access by administrators.
Zip file web restores must also be disabled for NIST 800-171 compliance.
Prerequisites
- Administrators must have the
org.update_deactivatepermission to change this setting. The Customer Cloud Admin, Cross-Org Admin and Org Admin roles possess this permission.
Procedure
Note: It may take up to a day before all users in the organization are updated with the new setting.
- Sign in to the CrashPlan console.
- Select Administration > Environment > Organizations.
- Select the organization you want to modify.
- From the action menu
in the upper-right, select Edit.
- Select the Security tab.
- Under the Web Restores section, deselect Inherit setting from parent (if necessary).
- In the Zip file and server filesystem section, select Disabled.
Users in the organization will no longer be able to perform zip file web restores. - (Recommended) Click the Lock icon to apply the setting to all child organizations and prevent them from changing this setting.
- Click Save.