Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
cloudencryption [2019_09_30 14:04] – [Uploading] jim | cloudencryption [2020_11_13 14:51] – [Encryption Overview] jim | ||
---|---|---|---|
Line 3: | Line 3: | ||
===== Encryption Overview ===== | ===== Encryption Overview ===== | ||
- | One of the issues | + | One of the issues with increasing compliance regimes such as GDPR, CCPA, and increasing breaches of data is the issue of security. |
- | The secondary security concern can be with Cloud the Providers themselves. Users often want to protect certain files on the actual Cloud where they reside, and to that end they can want to use encryption | + | Most data services use an encryption 'at rest' data strategy. This encrypts all data that resides |
- | This particular use case can be solved by using the Cloud encryption service that SME provides. Encryption works when users upload files from SME web or desktop access clients, to any of the 40+ Cloud Storage and Saas Providers that SME supports. Users connect over SSL and assign files a private key phrase to file that are uploaded. | + | From a compliance perspective, |
- | This key phrase | + | Companies therefore should take additional precautions with data ie. ensuring it is encrypted independent of the storage provider. File based encryption is one such mechanism that can be used to achieve this. |
+ | |||
+ | The File Fabric' | ||
+ | |||
+ | You can consider file based encryption | ||
+ | |||
+ | The File Fabric can be used to encrypt either | ||
===== Encryption Algorithm ===== | ===== Encryption Algorithm ===== | ||
Line 59: | Line 65: | ||
//All Shared Team folders plus user files:// Shared Team folders and users personal files in the personal cloud are encrypted at rest | //All Shared Team folders plus user files:// Shared Team folders and users personal files in the personal cloud are encrypted at rest | ||
- | //Nominated folders://Only files in nominated are encrypted. | + | Nominated folders: Only files in nominated are encrypted. |
---- | ---- | ||
Line 77: | Line 83: | ||
A user can set his own password to encrypt files uploaded in the web browser (entered when uploading), in the desktop tools, and also using the File Fabric Android App. | A user can set his own password to encrypt files uploaded in the web browser (entered when uploading), in the desktop tools, and also using the File Fabric Android App. | ||
- | |||
- | ---- | ||
In the browser when uploading the user has the option to encrypt the files and enter the encryption phrase. | In the browser when uploading the user has the option to encrypt the files and enter the encryption phrase. | ||
- | |||
- | ---- | ||
For Windows and Mac Apps the user can set the encryption phrase in settings or in the dedicated windows explorer explicitly set the encryption password on upload. | For Windows and Mac Apps the user can set the encryption phrase in settings or in the dedicated windows explorer explicitly set the encryption password on upload. | ||
- | |||
- | ---- | ||
On the SME Android App files uploaded can also be encrypted on upload from the device | On the SME Android App files uploaded can also be encrypted on upload from the device | ||
- | |||
- | ---- | ||
Unlike the account level encryption the encryption phrase set by personal users is **not stored on the server** ie. the user has to remember the phrase otherwise they will not be able to gain access to the file and if they forget it there is no way for the SME service to recover it. | Unlike the account level encryption the encryption phrase set by personal users is **not stored on the server** ie. the user has to remember the phrase otherwise they will not be able to gain access to the file and if they forget it there is no way for the SME service to recover it. | ||
**Note:** also that different phrases can be used for different files. | **Note:** also that different phrases can be used for different files. | ||
- | |||
- | ---- | ||
As an optimization the SME desktop tools provide an option to save a single encryption phrase for ease of use when dealing with files from the desktop. | As an optimization the SME desktop tools provide an option to save a single encryption phrase for ease of use when dealing with files from the desktop. |