This glossary explains the key concepts and terms used in the encryption process. 

Encryption process termsExplanations
Add guardpoint with Policy

The workspace is about to be encrypted. Access to the workspace is temporarily restricted so nothing can be added or removed during the encryption process.
From this point forward, when files are added to the encrypted workspace, they're encrypted.
Delete pending guardpoint with Policy The restriction that prevents access during the encryption is removed.
Marked guardpoint pending delete with Policy The workspace is encrypted.
Decryption process termsExplanations
Delete pending guardpoint with policy
 
Access to the workspace is temporarily disabled. Nothing can be added or removed during the decryption process.
Marked guardpoint pending delete with policy

The workspace is about to be decrypted. The  policy that allows access to the workspace will be removed. This allows the data to be safely decrypted.
General TermsExplanations
Asymmetric cryptographyAlso known as public key cryptography. This method uses public and private keys to encrypt and decrypt data. The key that is exported from Anaplan is the public key of the pair and the algorithm used is RSA 2048. This will be used to wrap a symmetric key.
Create symmetric keyAn Encryption Administrator creates an encryption key in BYOK.
Symmetric cryptographyUses the same cryptographic keys for both encryption of plain text and decryption of cipher text.
Update keyAn Encryption Admin updates the reminder date of an encryption key in BYOK.
Wrapped keyAn AES-256 symmetric key wrapped in an asymmetric key generated within Anaplan.