Encryption Administrators can disable encryption keys that are not currently assigned to a workspace. Before you can disable an encryption key, you must unassign it from each workspace to which it is assigned.
When you disable an encryption key:
- The key is shown as disabled in the Status column of the Encryption Keys page.
- The key is removed from the list of available keys shown in the Key drop-down of the Encrypted Workspaces page.
- Workspaces encrypted with that key remain encrypted, including backup versions of the workspace.
To disable an encryption key:
- Unassign the key that you want to disable on each workspace to which it is assigned.
- In the Administration left-hand sidebar, select BYOK > Encryption Keys.
- Select the active key that you want to disable.
- Select Disable.
A red cross
falsein the Status column indicates that the key is disabled.