Overview
CrashPlan for Small Business administrators can use block, deauthorize, and deactivate actions to control access to data and manage accounts. This article explains the impact each of these actions has on users, devices, and plans in your CrashPlan for Small Business environment.
Considerations
- You must have administrative role permissions to perform block, deauthorize, and deactivate actions from the CrashPlan console.
- You should understand the basic information hierarchy of CrashPlan for Small Business, including the definitions below:
- Device
-
A single computer within your CrashPlan for Small Business environment, identified by its GUID. May be used interchangeably with endpoint.
- User
-
A single account in your CrashPlan for Small Business environment. A user account has a single set of sign-in credentials (username and password) and a single encryption key for all backups.
Blocking, deauthorizing, and deactivating at a glance
- Blocking is a non-destructive action that prevents access to the CrashPlan app. A blocked user or device cannot sign in.
- Deauthorizing is a non-destructive action that simply signs a user out of a specific device. Users can sign in again at any time.
- Deactivating is a destructive action that removes a device or user from your environment. An active user can sign in again to a deactivated device, but a deactivated user cannot sign in.
The following table shows how blocking, deactivation, and deauthorization can be applied to devices, users, organizations, and plans:
| Devices | Users | Possible Data Loss | |
|---|---|---|---|
| Block | X | X | No |
| Deactivate | X | X | Yes |
| Deauthorize | X | No |
Block
Blocking prevents access to CrashPlan for Small Business but is not destructive to existing data. Specific implications for devices, users, and organizations are detailed below.
- When you block a device, the user is signed out of the CrashPlan app on that device and cannot sign in again on that device.
- Users can continue to use other devices.
- Data on the device is still protected in the cloud.
- The CrashPlan service continues backing up, but users cannot access the CrashPlan app on the device to restore data or change settings.
- When you block a user, that user cannot sign in to CrashPlan for Small Business:
- Users cannot sign in to the CrashPlan app from any device.
- Online access to the CrashPlan console is also blocked.
- User data is still protected in the cloud.
- The CrashPlan service continues backing up all of the user's devices, but the user cannot access the CrashPlan app to restore data or change settings.
Use case examples
- Theft or loss: you may want backups to continue while searching for the device, but want to prevent unauthorized access to backup archives.
Unblock
When you unblock a device, user, or organization, normal access to the CrashPlan app is restored.
Deauthorize
Deauthorization only applies to devices. Users cannot be deauthorized.
- When you deauthorize a device, the current user is signed out of the CrashPlan app. Users can sign in again at any time.
- Deauthorization is not destructive, and no data is deleted when a device is deauthorized.
- The CrashPlan service stops backing up, and users cannot access the CrashPlan app to restore data or change settings without signing in again.
Deauthorizations and subscriptions
Deauthorized devices still use a subscription and will be billed accordingly.
Use case examples
- Troubleshooting: deauthorization is sometimes requested by our Customer Champions.
- Testing: deauthorizing a device can be used to test a user's credentials or other behavior.
- Theft or loss: the device will be unable to back up or restore files until the user has signed back in to the device.
Deactivate
Deactivation is a destructive action that prevents access to CrashPlan for Small Business and removes user data from devices. Specific implications for devices, users, organizations, and plans are detailed below.
Permanent Data Loss Warning
Deactivation can destroy data, unlike blocking or deauthorizing.
- Deactivated archives are marked for removal and will be permanently deleted within 24 hours.
- Archives backed up to a local folder or other account device are immediately deleted upon deactivation.
- When you deactivate a device, the user is signed out of the CrashPlan app on that device.
- The user can sign in again at any time, but archives previously associated with the device will no longer be present.
- The CrashPlan service stops backing up and restores are not available.
- Backup archives are removed from all backup destinations. The device's backup archive is marked for removal and will be permanently deleted within 24 hours.
- When you deactivate a user, the user is signed out of all devices and online sessions, and the deactivated user cannot sign in to any part of your CrashPlan for Small Business environment:
- Users cannot sign in to the CrashPlan app from any device.
- Online access to the CrashPlan console is also prohibited.
- The user cannot sign in to any device until being reactivated.
- Backup archives are removed from all backup destinations. All of the user's backup archives are marked for removal and will be permanently deleted within 24 hours
Deactivation and subscriptions
Once a device is deactivated, it will no longer be charged a subscription.
Use case examples
- Offboarding: deactivate a user account when an employee leaves the company.
- Device recycling: deactivate a device when permanently removing it from service.
Reactivation
Reactivation restores access to CrashPlan for Small Business and makes deactivated archives available for use once again by affected users, devices, and the CrashPlan cloud.
Recovering a deactivated archive is only possible if the device or user is reactivated within 24 hours of the deactivation. Please contact CrashPlan for Small Business support immediately if you need assistance recovering deactivated CrashPlan for Small Business archives.
When you reactivate a device, the deactivated archives are made available for use once again by the device if it is reactivated within 24 hours of deactivation.
When you reactivate a user, the deactivated user's archives are made available for use once again by each device associated with the user, and all devices associated with this user account are reactivated immediately if reactivated within 24 hours of deactivation.