Differences
This shows you the differences between two versions of the page.
Next revision | Previous revisionNext revisionBoth sides next revision | ||
cloudencryption [2018_01_30 17:23] – external edit 127.0.0.1 | cloudencryption [2019_09_30 14:03] – [Uploading] jim | ||
---|---|---|---|
Line 13: | Line 13: | ||
===== Encryption Algorithm ===== | ===== Encryption Algorithm ===== | ||
- | SME uses AES-256 encryption using the Rijndael cipher, with Cipher Block Chaining (CBC) where the block size is 16 bytes. The cipher Rijndael consists of: | + | The File Fabric |
* an initial Round Key addition | * an initial Round Key addition | ||
Line 27: | Line 27: | ||
===== Encryption Scope ===== | ===== Encryption Scope ===== | ||
- | Encryption can be set at an Org (Team) or on a Personal level. | + | Encryption can be set for the whole team by the File Fabric Administrator by setting |
+ | If global team encryption is not turned on, the File Fabric Administrator can set the scope to be on a per user level, in which the end user is responsible for setting and remembering the encryption key. | ||
+ | |||
+ | |||
+ | |||
===== Team Encryption ===== | ===== Team Encryption ===== | ||
- | The Cloud Admin of the Team Account can set by logging | + | The File Fabric Administrator |
- | Once this password is set then Cloud Files for all users of the Primary Cloud are ' | + | Once this password is set then Files for all users of the Primary Cloud are ' |
**Note:** Existing files are not encrypted only new file uploads are encrypted. | **Note:** Existing files are not encrypted only new file uploads are encrypted. | ||
Line 40: | Line 44: | ||
---- | ---- | ||
- | The password is stored, in an encrypted fashion, in the SME appliance | + | The password is stored, in an encrypted fashion, in the File Fabric |
Line 49: | Line 53: | ||
* All shared team folders | * All shared team folders | ||
* All Shared team folders plus user files | * All Shared team folders plus user files | ||
+ | * Nominated Folders | ||
//Share Team Folders:// Only team folders are encrypted the users personal files are not encrypted | //Share Team Folders:// Only team folders are encrypted the users personal files are not encrypted | ||
Line 54: | Line 59: | ||
//All Shared Team folders plus user files:// Shared Team folders and users personal files in the personal cloud are encrypted at rest | //All Shared Team folders plus user files:// Shared Team folders and users personal files in the personal cloud are encrypted at rest | ||
+ | //Nominated folders:// | ||
---- | ---- | ||
- | For team folders, the encryption **is transparent** to end users. Team users **do not need to know** the encryption password and files are simply encrypted and decrypted as accessed via SME Apps. | + | For team folders, the encryption **is transparent** to end users. |
Team encrypted files that are shared without passwords also **do not** require the recipient to know the encryption password. | Team encrypted files that are shared without passwords also **do not** require the recipient to know the encryption password. | ||
Line 67: | Line 72: | ||
Standalone desktop decryption tools are provided in the event users want to download encrypted files direct from remote clouds or data stores. | Standalone desktop decryption tools are provided in the event users want to download encrypted files direct from remote clouds or data stores. | ||
- | |||
===== Personal Encryption ===== | ===== Personal Encryption ===== | ||
==== Uploading ==== | ==== Uploading ==== | ||
- | A user can set his own password to encrypt files uploaded in the web browser (entered when uploading), in the desktop tools, and also using the SME Android App. | + | A user can set his own password to encrypt files uploaded in the web browser (entered when uploading), in the desktop tools, and also using the File Fabric |
Line 82: | Line 86: | ||
---- | ---- | ||
- | For windows | + | For Windows |