Bringing Client Side Encryption to Google Drive

Chris BoulangerChris Boulanger | September 14, 2015
Want to see this feature in your organization?. Contact us to schedule a personalized demo.

Google takes the security of Google Apps seriously, but many organizations want additional protections in place.  AODocs and Virtru are bringing new security options to organizations without sacrificing the benefits of a cloud file storage solution. Continue reading to learn about the new client-side encryption capabilities we’ll be rolling out in the coming months.

Regulatory Requirements

Many industries, including healthcare, finance and education, are required by law to maintain higher levels of security for data storage, access and transmission.

In the US for example, the HIPAA Security Rules specify administrative, physical and technological safeguards
for the security of electronic protected health information (e-PHI). Some of the safeguards include:

  • Information Access Management: “implement policies and procedures for authorizing access to e-PHI only when such access is appropriate based on the user or recipient’s role (role-based access).”
  • Workstation and Device Security: “implement policies and procedures to specify proper use of and access to workstations and electronic media. A covered entity also must have in place policies and procedures regarding the transfer, removal, disposal, and re-use of electronic media, to ensure appropriate protection of electronic protected health information (e-PHI).”
  • Access Control: “implement technical policies and procedures that allow only authorized persons to access electronic protected health information (e-PHI)”
  • Audit Control: “implement hardware, software, and/or procedural mechanisms to record and examine access and other activity in information systems that contain an duse e-PHI.”
  • Integrity Control: “implement policies and procedures to ensure that e-PHI is not improperly altered or destroyed. Electronic measures must be in place to confirm that e-PHI has not been improperly altered or destroyed.”
  • Transmission Security: “implement technical security measures that guard against unauthorized access to e-PHI that is being transmitted over an electronic network.”

Other US regulations such as FERPA (education) and CJIS (criminal justice) call for similar requirements/safeguards to be in place.

Built-in security with AODocs

AODocs secures your data in a number of ways from the moment you install it. You gain access, integrity and audit capabilities out of the box.

  • Centralized File Ownership: Accidental deletion is prevented because all files are owned by a system account. This means that administrators are in control of deleted files and can easily recover them.
  • Centralized Permission Management: Admins have granular control over who can read and edit documents, but also who can modify the sharing permissions, delete files, or alter the folder structure.
  • Comprehensive Logs: Record user activity and be able to easily identify access and usage.
  • Version Control : Manage multiple versions of files and be able to rollback if something happens. Provide author-defined snapshots to connect alterations to users.

Add Encryption without Adding Complexity

We’ve integrated Virtru with AODocs to offer scalable document encryption to our users.

With Virtru & AODocs, you gain client-side encryption of documents within Google Drive without sacrificing document management features:

Aodocs virtru system diagram

  • Users and Admins manage encryption keys to control who has access to sensitive content. Access can be audited, revoked or altered from a centralized dashboard.
  • Encryption/Decryption is handled within the browser, meaning no one – not Google, AODocs or Virtru – has access to unencrypted content.
  • AODocs centralized ownership still applies. Virtru gives you more security, but you still have control of folders and files through administration.
  • AODocs still manages your files and folders. Encrypted files are searchable via metadata, but contents are only viewable with the right encryption key.

The addition of Virtru encryption to your AODocs File Server or Document Management System can enhance your compliance with regulations and give you the flexibility to implement encryption as needed for any use case that might arise.

To Learn More: Schedule a consultation or Register for an upcoming Webinar.

Want to try AODocs? Click below to get started.

Try AODocs for free

Learn more