Data Control Platform FAQ

• How do I get a DeviceContext to initialize a Data Control Platform SDK?
  You need to create a user and then a device within the Data Control Platform.
  If you just want to try some things out, you can generate a DeviceContext with ironoxide-cli as well.
• Can the Data Control Platform SDK be used to authenticate users for my app?
  No. The Data Control Platform works with an existing identity provider.
• The group of users I want to encrypt to changes often. Do I have to re-encrypt the data every time I want to change who can decrypt a document?
  The Data Control Platform handles highly dynamic groups of decryptors very gracefully via Scalable Encryption Groups
• When a user is added to a Scalable Encryption Group, do I need to redistribute the encrypted file/data to the other users?
  No. Changing who can decrypt data does not require the data to be modified at all.
• When a user is removed from a Scalable Encryption Group, will they still be able to decrypt a local copy of the encrypted file they have stored?
  A user will be unable to decrypt any data, even if they have access to a locally-stored version.
• I don't see a way to store data with the Data Control Platform. What am I missing?
  The Data Control Platform doesn't provide data storage, but allows you to store data wherever it is most convenient - files, databases, git repositories, S3 buckets, or anywhere else. Keep in mind that the data can even be stored in publicly accessible locations because it's encrypted.