File Storage Encryption

Stored data can be scrambled so it's understood only after the password has been provided

File storage encryption is just the encryption of stored data, usually for the purpose of protecting sensitive information from being viewed by people who shouldn't have access to it. 

Encryption puts files into a password protected and scrambled format called ciphertext that's not human-readable, and therefore can't be understood without first decrypting them back into a normal readable state called plaintext, or cleartext.

lock with keyboard keys

FLY:D / Unsplash

File storage encryption is different than file transfer encryption, which is encryption used solely when moving data from one place to another.

When Is File Storage Encryption Used?

File storage encryption is more likely to be used if data is stored online or in an easily accessible location, like on an external drive or flash drive.

Any piece of software can implement file storage encryption, but it's normally a helpful feature only if personal information is being stored.

For programs that don't have encryption built-in, third-party tools can do the job. For example, a number of free, full disk encryption programs are out there that can be used to encrypt an entire drive. In some cases, the program appends a very specific file extension to the end of the file name to designate it as encrypted data—AXXKEYCHA, EPM, and ENCRYPTED are a few examples.

It's common for encryption to be used by companies on their own servers when your personal details like payment information, photos, or location information are being stored.

In fact, it's so common that many companies use encryption as a big selling point. One example is secure email services that use encryption to store your email messages on their data centers. Oftentimes, not only the company's employees can access your data unless they, too, know your password.

File Storage Encryption Bit Rates

The AES encryption algorithm is available in different variants: 128-bit, 192-bit, and 256-bit. A higher bit rate will technically provide greater security than a smaller one, but for practical purposes, even the 128-bit encryption option is entirely sufficient in safeguarding digital information.

Blowfish is another strong encryption algorithm that might be used to securely store data. It uses a key length anywhere from 32 bits up to 448 bits.

The major difference between these bit rates is that the longer key sizes use more rounds than the smaller ones. For example, 128-bit encryption uses 10 rounds while 256-bit encryption uses 14 rounds, and Blowfish uses 16. So, four or six more rounds are used in the longer key sizes, which translates to additional repetitions in converting the plaintext to ciphertext. The more repetitions that occur, the more jumbled the data becomes, making it even harder to break.

However, even though 128-bit encryption doesn't repeat the cycle as many times as the other bit rates, it's still extremely secure, and would take a huge amount of processing power and far too much time to break using today's technology.

File Storage Encryption With Backup Software

Nearly all online backup services utilize file storage encryption. This is necessary considering that private data like videos, images, and documents are being stored on servers that are accessible via the internet.

Once encrypted, the data can't be read by anyone unless the password used to encrypt it is then used to reverse the encryption, or decrypt it, granting you the files.

Some traditional, offline backup tools also implement file storage encryption so that the files you back up to a portable drive, like an external hard drive, disc, or flash drive, are not in a form that anyone that has possession of the drive can look at.

In this case, similar to online backup, the files are unreadable unless the same software, accompanied by the decryption password, is used to return the files back into plaintext.

Was this page helpful?