Content deleted Content added
#redirect filesystem-level encryption |
User93454235 (talk | contribs) No edit summary |
||
Line 1:
'''File/folder encryption software''' is [[computer security]] [[Encryption_software|encryption software]] that encrypts a selected set of files on a computer system. File encryption works at the file layer, and thus differs from [[filesystem-level encryption]] which encrypts at the filesystem layer. It also differs from [[Disk encryption software|disk encryption software]], which works at an even lower layer. Another significant difference about file-level encryption is that the original file, or files, remain in-tact; and newly created encrypted versions of the file(s) are created. A benefit of file-level encryption is that files encrypted using file-level encryption can be copied to unencrypted filesystems, and the encrypted files will remain encrypted.
==History==
Business, industry and universities have long used "tape" to create backups of their information. As tapes are relatively inexpensive, portable and durable, best practices led to archiving some of the tape backups off site. For some organizations, this then led to the need to secure the confidential business information, which was addressed by encrypting the files as they were written to tape.
In the last decade or so, file-level encryption to tape has given way to device-level encryption, with the encryption being performed by the tape drives instead of the system CPU. Some examples of encryption-capable drives include the StorageTEK T10K series of drives as well as selected LTO drives. With encryption-capable tape drives in the data center, encryption keys are managed and securely delivered to tape drives by dedicated key managers. Some examples of key managers include the [https://www.oracle.com/storage/tape-storage/key-manager-3/index.html Oracle Key Manager] and [[Backup_Exec|Veritas Backup Exec]].
Though higher-end tape solutions have moved away from file-level encryption to device-level encryption, file-level encryption appears to be increasing in other areas, including small to mid-size companies as well as individual consumers.
==Trends==
====Small Business====
Due to encrypted tape drive solutions being a significant investment, smaller businesses, and especially "startups", rely upon backup solutions that include remote ("cloud") storage as well as writing files to removable discs and/or disks. These trends are typically performed as a file-level backup, and they can easily be encrypted. "Small" SQL databases can be backed up to a file, and thus included as part of the businesses file-level backup.
====Cybercrime====
According to [[Europol|EUROPOL]], the European police, ransomware is a key threat and the dominant concern to certain law agencies.<ref>https://www.europol.europa.eu/activities-services/main-reports/internet-organised-crime-threat-assessment-iocta-2016</ref> [[Ransomware]], which infects a system like any other form of [[Malware|malware]], delivers its payload (intended purpose) by encrypting the files in certain directories and then deleting the original files. The original files are then "lost" until a ransom is paid, which is typically required to be paid in bitcoin. Since the attacks use "unbreakable encryption", the victim has little choice if they want the files back. Either pay the ransom, or lose the files. For this reason, victims of ransomware learn that they should create regular backups and save them offline, which means they should be encrypted using file-level encryption.
==Software Applications==
There are many software applications that provide file-level encryption. Some of those are explicitly for business, while others may be used by both businesses and consumers. Listed below are but a few of the software applications that provide file-level encryption.
====Examples For Large Businesses:====
[[IBM_Tivoli_Storage_Manager|IBM Tivoli]]
[[Backup_Exec|Veritas Backup Exec]] (supports both file-level and device-level encryption)
====Examples For Small Businesses and Consumers:====
====<i>Cloud Based File Encryption</i>====
[[Carbonite_(online_backup)|Carbonite]]
[[Code42|Crash Plan]]
[[ICloud|iCloud]]
[[SOS_Online_Backup|SOS Online Backup]]
====<i>Local File Encryption</i>====
[[7-Zip]]
[https://www.trustpds.com Personal Data Security (PDS)]
[[WinZip]]
| |||