Not All Encrypted Storage is Secure

By SRT CEO Michael Ryan

Sensitive and confidential documents stored on your servers need to be protected. Encrypted file storage is likely a requirement on your security checklist. Meeting this requirement provides an additional defense against unauthorized users gaining access to your data, and protects against internal users viewing files that they are not authorized to see.

Not all disk encryption implementations offer complete point-to-point protection. Standard disk encryption implementations often leave your data exposed, potentially for thousands of processor cycles. In some cases, full or partial images of unencrypted data remain on disk indefinitely.

Standard Disk Encryption Implementation

Many file transfer solutions that offer disk encryption start by sending a file to the server using a secure protocol. When it reaches the server, an unencrypted copy is written to disk. The encryption process writes a new, encrypted copy. The unencrypted version remains on the disk. Typically, an additional step will mark the unencrypted instance as deleted. “Deleting” a file simply marks the file, telling the operating system that the space previously occupied by the file is now available. But no data is removed. In some implementations, the original unencrypted version is scrubbed – a second step that overwrites the file location on the disk. But sometimes that file image remains until the operating system re-uses that space on the disk.

Streaming Disk Encryption Implementation

Streaming file encryption eliminates the vulnerability of having an unencrypted file on your server. The file is sent to a server using a secure protocol, but when it reaches the server, it is encrypted and written to disk in a single step. Using this implementation, no unencrypted data is written to disk. Ever. There is therefore no need to mark the file as deleted and then overwrite the location on disk. Streaming disk encryption is more efficient and, most importantly, never leaves sensitive data exposed.
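The two ingest paths described above, as an added Python example (not Titan MFT's code or any vendor's implementation): it stores the same upload both ways and scans the storage directory for a plaintext marker. The SHA-256 counter keystream is an assumed stdlib-only stand-in for PGP with no integrity protection, and every function name, file name and the marker value is constructed for the example.

```python
import hashlib, os

CHUNK = 4096                  # multiple of 32 so keystream blocks line up
MARKER = b"SSN 000-00-0000"   # constructed sample secret

def xor_stream(key, nonce, first_block, data):
    """Stand-in cipher (assumption, not PGP): XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        ctr = (first_block + i // 32).to_bytes(8, "big")
        pad = hashlib.sha256(key + nonce + ctr).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def plaintext_on_disk(directory):
    """Names of files in `directory` whose bytes contain the plaintext marker."""
    hits = []
    for name in sorted(os.listdir(directory)):
        with open(os.path.join(directory, name), "rb") as f:
            if MARKER in f.read():
                hits.append(name)
    return hits

def encrypt_to(src, dst_path, key, after_write=lambda: None):
    """Write only ciphertext to disk; assumes src.read returns full chunks until EOF."""
    nonce = os.urandom(16)
    with open(dst_path, "wb") as dst:
        dst.write(nonce)
        for n, chunk in enumerate(iter(lambda: src.read(CHUNK), b"")):
            dst.write(xor_stream(key, nonce, n * (CHUNK // 32), chunk))
            dst.flush()
            after_write()

def ingest_standard(upload, directory, key):
    """Write plaintext, encrypt a copy, unlink. Returns what a scan saw in between."""
    tmp = os.path.join(directory, "upload.tmp")
    with open(tmp, "wb") as f:
        f.write(upload.read())                # plaintext copy lands on disk
    seen = plaintext_on_disk(directory)       # exposure window
    with open(tmp, "rb") as src:
        encrypt_to(src, os.path.join(directory, "upload.enc"), key)
    os.remove(tmp)                            # unlink only: blocks are not scrubbed
    return seen

def ingest_streaming(upload, directory, key):
    """Encrypt while receiving. Returns what scans after every disk write saw."""
    seen = []
    encrypt_to(upload, os.path.join(directory, "upload.enc"), key,
               after_write=lambda: seen.extend(plaintext_on_disk(directory)))
    return seen
```

After `ingest_standard` returns, a directory scan comes back clean even though the unlinked plaintext blocks were never overwritten, which is why a file-level check alone does not prove the standard path is safe.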

Titan MFT Server offers streaming disk encryption using PGP. The Titan MFT solution ensures point-to-point protection of your sensitive data. Encryption and decryption happen automatically, so additional steps are not required for outbound file transfers.
