Encrypting files in cloud storage

SafeGuard Enterprise offers file-based encryption of data stored in the cloud.

It does not change the way users work with data stored in the cloud. Users still use the same vendor specific synchronization applications to send data to or receive data from the cloud. Local copies of data stored in the cloud are encrypted transparently and will therefore always be stored in the cloud in encrypted form.

On Macs, SafeGuard Enterprise offers auto-detection for the following cloud storage providers:

  • Box
  • Dropbox (includes Dropbox Business)
  • Google Drive
  • OneDrive
  • OneDrive for Business

For these providers you only need to specify the path to the synchronization folders in a location-based policy of the type File Encryption.

For application-based encryption of files in cloud storage, you can use predefined placeholders, see Configure application-based File Encryption in the cloud

After the policy has been assigned to endpoints, files in locations covered by the policy are transparently encrypted without user interaction:
  • Encrypted files will be synchronized into the cloud.
  • Encrypted files received from the cloud can be handled by applications as usual.

Data stored in the cloud before you activated encryption is not encrypted automatically. To make sure that sensitive files on their computers are encrypted, users can perform an initial encryption, see Initial encryption.