Hassle-Free End-to-End Encryption
What is End-to-End Encryption?
End-to-end encryption (E2EE) is a security protocol that protects data as it is transferred from one endpoint to another. The endpoints in this exchange are the sending device and the receiving device. It is a form of security often used by private messaging services to send encrypted messages.
By using E2EE, you encrypt the data for the entire transmission process, making it accessible in unencrypted form only at each end of the exchange. Decrypting the message requires a decryption key. Any 'man-in-the-middle' third-party attacker who tries to intercept the transmission won’t be able to access the data.
End-to-End Encrypted File Sharing
In secure file transfers that use an intermediate cloud-based service, E2EE plays a key role in the overall cloud security posture. End-to-end encryption involves several interconnected security protocols to fully deliver a total E2EE experience. These elements—which include many types of encryption—are used at various stages to ensure your files are kept safe at every step of the journey, from you to your recipient.
By using E2EE, you can ensure that only the sender and recipient—the endpoints in the exchange—are capable of accessing the shared files. The intermediate cloud-based service can't access the files because it doesn't have the encryption key. This keeps your confidential files private, in a controlled and compliant environment.
How Does End-to-End Encryption Work When Transferring Files?
Three technologies working together to provide full-spectrum protection for your files.
Client-Side Encryption
To maximise the protection of your data, client-side encryption can be used to initiate the protection of your files while they are still on your device. Your files are encrypted before they ever touch the internet, putting you in full control from the very start.
Encryption in Transit
HTTPS and HTTPS Transport Layer Security (TLS) protect every large file transfer between your device and the service provider. This ensures, your data stays protected while moving between your device and the cloud.
Encryption at Rest
To protect data that is stored on a server, it is encrypted as it ‘rests’ in the cloud. This additional layer of security protects sensitive data while it is on the server, as the data is unreadable without the encryption key.
How to Easily Facilitate End-to-End Encryption Using Filemail
We enable you to stay compliant with a range of regulations and mandates such as HIPAA and GDPR with our simple E2EE process, that can be implemented in just a couple of clicks.
There are four main components when it comes to providing holistic end-to-end protection for your files. These four steps, when used in conjunction, ensure your files are protected at every step of the journey—from your device, to and while on Filemail’s cloud, to your intended recipient.
The steps are implemented in the following order, which aligns with the file sharing journey.
First: Encrypt While On Your Device
When you click on ‘Send’, you are presented with a Security dropdown. Click on it to access the variety of security measures you can use. One of those options is end-to-end encryption. After enabling it, enter the E2EE key you want to use. This key encrypts your files before transfer. Once the files are encrypted, the data transfer begins.
Second: Encrypted During Transmission to Filemail
We use HTTPS and TLS to securely transfer data from your device to our servers. Once we receives your files, we store them on our cloud-based service. Thus, not only are your files encrypted, but the data on the transmission channel is also encrypted. This ensures the confidentiality of the data while it’s in transit.
Three: Securely Hosted in Our Cloud
Our cloud platform securely houses your encrypted files in full compliance with industry regulations. Filemail has no way to access your encrypted files, as we use 256-bit AES encryption for data at rest on our servers. This means even if our servers were compromised, your files would remain unreadable without the unique encryption key.
Four: Safely In Your Recipient's Hands
Your recipient begins downloading the files from our cloud service, although the files remain encrypted. We use HTTPS and TLS to secure the download process, keeping your encrypted files safe until they reach the recipient. You must share the specific encryption key you defined with your intended recipient. Without the key, they can’t access the files.
Highlights of Filemail’s End-to-End Encryption Protocol
Security In Your Hands
You encrypt your files before they even leave your device, keeping everything protected from the very start.
Server-Side Privacy
Files remain encrypted on our servers, ensuring maximum privacy and user control.
Peace of Mind
Any interceptions or security breaches would still mean your files are secure, as only you and your recipient have the encryption key.
Zero-Knowledge
Zero-knowledge refers to the complete lack of transparency we have when it comes to the actual contents of your file.
FAQ
It takes just two steps to harness the protection offered by E2EE whenever you want to send large files with Filemail. You simply select end-to-end encryption as your security option. Then, you define a unique private encryption key, at this point only you know it. The key can be whatever you want it to be: letters, numbers, symbols, or a mixture. The choice is yours.
The private key you define is used alongside encryption algorithms (such as AES 256-bit), resulting in altered data that is undecipherable. It is vitally important that you store this key in a safe place and share it securely with your recipient, as this private key is used to both encrypt and decrypt the data. Filemail does not store or manage your key; this ensures complete privacy, but also means that if the key is lost, the files cannot be recovered.
If you lose or forget your encryption key, your files cannot be decrypted by you, your recipient, or Filemail. For your privacy and security, we do not store or have access to your key. This ensures complete confidentiality, but it also means there is no way to recover the files without the key. We strongly recommend storing your key in a secure location and sharing it safely with your recipient.