What is Folder and File Encryption
Folder and file encryption is applied only to individual files or folders, also referred to as containers. The benefit of using this method of encryption is that only those files deemed as sensitive and requiring extra protection are encrypted. This means that the resource overhead is minimised.
How is Folder Encryption Deployed
Folder and file encryption is normally enabled through a software agent being deployed to an endpoint such as a laptop or PC. The encryption agent is centrally controlled and managed. From here, enterprise-wide policies can be enabled to simply “encrypt everything”. Alternatively, and more efficiently, sensitive folders or file types can be identified and policies assigned to just these locations/extensions.
A more granular approach may be to allow the individual users to have more control over what they encrypt and thus a more locally managed approach is adopted. Software agents need only be deployed to the endpoints that store more sensitive data and as such, this is a more targeted approach to encryption.
How to Manage a File and Folder Encryption Strategy
The central administration of this method allows administrators to grant or revoke user access to encryption keys at any time. As always with encryption, the management and security of the encryption keys are of paramount importance.