Classic file types are no longer available for use as of January 2021. You can transition your classic files or download a PDF. Learn More

Workiva Support Center

Remove or restore an encryption key

Remove or restore an encryption key

  • Last updated on
This article is for:
  • Org Security Admins

As you work with key management, also known as bring your own key (BYOK), you can remove or restore an encryption key. Review details below for steps and details to help you remove or restore a key.

 

Remove an encryption key

If you remove a key, any files previously encrypted using that key will no longer be accessible to users in your organization. As such, act with caution when removing an encryption key for an organization. You can only undo this action by uploading the exact same key.

To remove a wrapped encryption key:
  1. From Organization Admin, click Security.
  2. Click Key Management.
  3. Click Remove Key.
    Click Remove Key
  4. Select Browse and upload your current key material.  RemoveKey.png
  5. Select Remove Key
  6. Check the box to confirm that you understand you won’t be able to access your data once the key is removed. check the box to confirm you understand you won't be able to access your data after removal and click Remove Key
  7. Click Remove Key.

After a key is removed, you'll see a status indicator showing that they key was removed. You'll no longer have access to your files previously encrypted with this key, making the organization unusable until the key is restored.

 

Restore an encryption key

Note: You need the exact same original key to restore it.
To restore a wrapped encryption key:
  1. From Organization Admin, click Security.
  2. Click Key Management.
  3. Complete Step 1: Click Download public key and use it to wrap your encryption key. 

    Once you download the public key, you have 24 hours to wrap and upload the new key.

  4. Complete Step 2: Click Browse and upload the wrapped key. 

    This key must be a 256-bit symmetric key wrapped by the public key downloaded in Step 1.

  5. Click Restore Key.
    after uploading your wrapped key, click Restore Key
  6. Check the box to confirm you'll keep a copy of the key.
    check the box to confirm you will keep a copy of your key
  7. Click Restore Key.
To restore a plain text key:
  1. From Organization Admin, click Security.
  2. Click Key Management.
  3. Click Browse and select the original key. 
  4. Click Restore Key.
    after uploading your key, click Restore Key
  5. Check the box to confirm that you'll keep a copy of the key.
    check the box to confirm that you will keep a copy of your key and click Restore Key
  6. Click Restore Key.

 

After you restore a key, any files previously encrypted with that key will now be accessible. Additionally, all files created going forward will use that key as well.

Was this article helpful?
3 out of 7 found this helpful
This article is for: Org Security Admins As you work with key management, also known as bring your own key (BY...