Safeguard your sensitive and valuable data from unauthorized access through state-of-the-art file encryption architecture. The modular and flexible encryption option offered by ownCloud enables you to encrypt your files and allows for custom setups to combat all possible digital threats and comply with regulatory requirements.
To ensure a high level of data protection and data secrecy, the ownCloud comprehensive file encryption architecture offers up to three levels of file encryption:
File encryption in transit:
In-transit file encryption is active by default and design with the use of HTTPS connections and the latest TLS protocol. Encrypt your files server-wide and/or end-to-end. In fact, in-transit encryption is mandatory to ensure General Data Protection Regulation (GDPR) compliance.
File encryption in rest:
Encryption at rest means to encrypt all files saved from the ownCloud application server prior to saving them on the actual storage. ownCloud uses a single master key encryption method for this method that is supported on all file systems. Only the administrator in possession of the master key can decrypt files in this setup. Master key encryption prevents files to be read from the storage, ensuring complete privacy and peace of mind.
File encryption at rest offers the advantage of preventing data breach issues related to physical access to the storage, including stolen hard disks. For an added level of security, the keys can be stored in a hardware security module (HSM), which reacts only on the request of the ownCloud application.
End-to-End Encryption Plugin:
For a superior level of data secrecy and data protection, particularly recommended for highly-sensitive data, ownCloud provides an End-to-End (E2EE) file encryption plugin. With the help of this plugin, users and authorized guest users can share fully-encrypted files. A JavaScript plugin encrypts files on upload with public keys provided by the server. File decryption also takes place in the web interface, with the use of a private key.
The user who uploaded the file can also view and keep track of the users who access the files. The end-to-end encryption feature works in any common, modern browser.
With the end-to-end encryption plugin, sending encrypted files via email is a breeze. You can easily share a file within the ownCloud user interface or by sending an email directly via the ownCloud Outlook plugin, without the need for additional encryption.
This premium plugin is available as an added subscription with the ownCloud Enterprise edition.
How it works:
Secure file storage with the ownCloud Encryption app is really simple. As soon as the app is enabled by your ownCloud administrator, all of your ownCloud data files are automatically encrypted. This means that, once the app is set, you can focus all your time and energy on your work, confident in the knowledge that your data is as safe as it can possibly be.
File Encryption is server-wide. So, once enabled, keeping your files unencrypted is no longer an option. As an added advantage, the app doesn’t require you to keep track of an extra password but uses your ownCloud login as the password for your unique private encryption key. Simply log in and out and manage and share your files as you normally do, with the flexibility of changing your password whenever you want.
Certain resources, including but not limited to file names, image thumbnails, existing files in the trash bin, file previews, the search index from the full text search app, third party app data and existing files in Versions, are not encrypted.
Our promise: A high level of data protection
Our users trust us with their valuable and sensitive data, and we at ownCloud are committed to treating that trust with utmost respect. We are confident that we can provide the right data protection solution for your business, regardless of the industry or size.
We welcome you to discuss with us your unique data protection needs and cybercrime concerns, and we will together find the right combination of setup and add-ons to find a solution that is perfect for you and your business.