File Storage Encryption

File Storage Encryption Definition

Photo of a combination lock and chain on a computer keyboard
© Daniel Grill / Getty Images

What is File Storage Encryption?

File storage encryption is just the encryption of stored data, usually for the purpose of protecting sensitive information from being viewed by people who shouldn't have access to it. 

Encryption puts files into a password protected and scrambled format called ciphertext that's not human-readable, and therefore can't be understood without first decrypting them back into a normal readable state called plaintext, or cleartext.

File storage encryption is different than file transfer encryption, which is encryption used solely when moving data from one place to another.

When is File Storage Encryption Used?

File storage encryption is more likely to be used if data is stored online or in an easily accessible location, like on an external drive or flash drive.

Any piece of software can implement file storage encryption but it's normally a helpful feature only if personal information is being stored.

For programs that don't have file storage encryption built-in, 3rd party tools can do the job. For example, a number of free, full disk encryption programs are out there that can be used to encrypt an entire drive.

It's common for encryption to be used by companies on their own servers when your personal details like payment information, photos, email, or location information are being stored.

File Storage Encryption Bit-Rates

The AES encryption algorithm is available in different variants: 128-bit, 192-bit, and 256-bit.

A higher bit-rate will technically provide greater security than a smaller one, but for practical purposes, even the 128-bit encryption option is entirely sufficient in safe-guarding digital information.

Blowfish is another strong encryption algorithm that may be used to securely store data. Blowfish uses a key length anywhere from 32 bits up to 448 bits.

The major difference between these bit-rates is that the longer key sizes use more rounds than the smaller ones. For example, 128-bit encryption uses 10 rounds while 256-bit encryption uses 14 rounds, and Blowfish uses 16. So 4 or 6 more rounds are used in the longer key sizes, which translates to additional repetitions in converting the plaintext to cliphertext. The more repetitions that occur, the more jumbled the data becomes, making it even harder to break.

However, even though 128-bit encryption doesn't repeat the cycle as many times as the other bit-rates, it's still extremely secure, and would take a huge amount of processing power and far too much time to break using today's technology.

File Storage Encryption With Backup Software

Nearly all online backup services utilize file storage encryption. This is necessary considering that private data like videos, images, and documents are being stored on servers that are accessible via the Internet.

Once encrypted, the data can not be read by anyone unless the password used to encrypt it is then used to reverse the encryption, or decrypt it, granting you the files.

Some traditional, offline backup tools also implement file storage encryption so that the files you back up to a portable drive, like an external hard drive, disc, or flash drive, are not in a form that anyone that has possession of the drive can look at.

In this case, similar to online backup, the files are unreadable unless the same software, accompanied with the decryption password, are used to return the files back into plaintext.