Wrike Lock
|
Availability: Pinnacle, Apex; Unavailability: Free, Team, Business; |
By default, your Wrike workspace data and attachments are protected by foundational encryption; however, Wrike Lock provides an additional layer of encryption. It encrypts the keys to your encrypted Wrike data with a master encryption key that's stored with Amazon Web Services’ Key Management Service (AWS KMS) or Microsoft Azure Key Vault, allowing you to take control of access to your data. You own and manage your master encryption key, and it resides outside of Wrike.
-
You need an AWS KMS account or Microsoft Azure Key Vault to use Wrike Lock.
-
It's possible to create emergency recovery keys, which can be used to decrypt an account if the encryption key or access to AWS KMS is lost.
-
All workspace data (including tasks, folders, projects, workflows, comments, and attachments) is encrypted.
-
For those on the Enterprise Pinnacle plan: You'll need to encrypt your Wrike Analyze data separately.
Wrike Lock with Bring Your Own Keys (BYOK) does not encrypt all Whiteboard data
Data encryption with BYOK won’t apply to:
-
Any data placed on Whiteboards
-
Any Whiteboard metadata (e.g. title, description of the Whiteboard).
-
Part of Wrike data exposed on native integration work item widgets.
Data, still encrypted with BYOK:
-
Wrike data exposed on the Whiteboard via iframe widgets.
-
You have control of your data even though it's in the cloud. Monitor, grant, and revoke access to your encryption/decryption master key using the AWS console.
-
You have an additional layer of encryption — both your data and keys to it are encrypted.