Smartcrypt for File Servers
Lock down data without blocking workflows
Shared file storage is an essential component of every organization’s IT infrastructure, allowing departments and teams to organize their data and collaborate effectively.
The convenience of shared storage comes with a tradeoff. When employees save and copy files in a common location, organizations often have no way of knowing whether sensitive information is being stored or shared inappropriately.
A new level of protection
PKWARE’s Smartcrypt finds and encrypts sensitive data on file servers and network-attached storage devices, protecting information from accidental or intentional misuse.
Unlike full-disk encryption solutions, Smartcrypt provides persistent protection for data at rest and in motion. Smartcrypt protection remains with files even when they’re moved or copied from a shared location, ensuring that only authorized users can access the encrypted information.
Smartcrypt also uses PKWARE’s industry-leading compression technology to reduce file sizes before encryption. While other encryption products bloat data volumes by 30% or more, Smartcrypt actually reduces data volumes, lowering data storage and transmission costs.
How it works
Smartcrypt creates protected locations called “lockers” on file servers and network storage devices. Files placed in a locker are encrypted with keys that are available only to authorized users. Administrators can create detailed encryption policies that govern which types of files will be protected and which keys will be used to encrypt them.
Smartcrypt’s persistent encryption remains with files when they are moved or copied from lockers, eliminating the possibility that an unauthorized user could access sensitive information in a stolen or mishandled file.
Organizations can use Smartcrypt’s data discovery capabilities to make encryption even easier and more secure. When discovery is enabled, Smartcrypt scans each file that is placed in a locker or modified while stored in a locker. If the file contains information that meets the organization’s definition of sensitive data, Smartcrypt will automatically encrypt it.
To protect shared file locations, the Smartcrypt for File Servers agent is installed on each server or NAS device that may potentially store sensitive information.
Agents can be configured to encrypt all files in the storage location, or to use Smartcrypt’s data discovery capabilities to scan and encrypt files based on their contents.
Administrators use the Smartcrypt Manager console to define encryption policies for each storage location.
Encryption policies govern which types of files are encrypted and which encryption keys are used to protect the files.
Smartcrypt’s innovative Smartkey technology lets administrators grant or revoke access to encrypted information at any time.
End User Experience
Users who store or access files in protected locations can continue to use their normal workflows.
Smartcrypt automates encryption key exchange and synchronization, so the encryption and decryption process is transparent to the end user.