Persistent File Protection - About
This is an Early Access feature
This Feature is in Early Access and applies to the Gmail Browser Plugin and certain elements of the Secure Reader experience. If your team is interested in getting early access to this functionality, please reach out to VirtruEarlyAccess@virtru.com.
Persistent File Protection (PFP) provides a secure file container that is portable, universally accessible and built on top of open standards. Regardless of where files are stored, PFP allows organizations to select, protect and share a file with anyone and also maintain full visibility into how it is being used and revoke access at anytime.
This is achieved via the new .tdf.html file format. When PFP is toggled on for an email, the sender will see .tdf.html added to the end of their supported attachments. Once the file is sent and a recipient downloads and opens the file, it will open a web page with the file displayed in Virtru's Secure Reader. This ensures that no matter where the file goes, it is always protected and only authorized parties can view it.
The rest of this article includes more information about PFP features, functionality, and an overview of the end-user experience. Please note that PFP integrates with leading Email Gateway providers and Digital Rights Management solution providers.
Supported File Types
Supported files and attachments for PFP include: .pdf, .docx, .xlsx, .pptx, .jpg, .png and .md
PFP Security Options
Persistent File Protection (PFP) is implemented as a security option for attachments in the Virtru for Gmail browser extension. A user sending attachments can enable PFP by toggling the Persistent Protection button in the Gmail compose window. Attachments do not have persistent protection until the persistent protection is toggled on.
The .tdf.html File Format
Persistent File Protection introduces a new file format called .tdf.html. When PFP is toggled on for an email, the user will see the .tdf.html file extension added to the end of their supported attachments. The .tdf.html file format ensures that files maintain all protection policy attributes upon download and are only readable through the Virtru Secure Reader.
All downloaded .tdf.html files are only readable through the Secure Reader. This means the recipient(s) will not be able to download and modify the document and are restricted to viewing it in their browser through Virtru's Secure Reader. See the section below for more information about accessing PFP files in Virtru's secure reader.
Secure Reader Experience
When recipients receive an email with a .tdf.html file, they will need to unlock the message through Virtru's Secure Reader or their Virtru plugin - the same way they would for any other encrypted email. Once through that process, recipients will be able to view the file in Virtru's Secure Reader and have the option to download the file. Once a recipient downloads the file, they will notice the file format ends in .tdf.html.
Any user trying to open the downloaded file will be forced to authenticate in their web browser prior to seeing the secure file in Virtru's Secure Reader. Unauthorized users will not be granted access. This is how Virtru is able to persistently protect the file regardless of where the file is stored.
Secured Attachment Section, Chips, and Icons
The implementation of Persistent File Protection introduces the Secured Attachments section in Gmail. This section helps users understand that their files are being protected by Virtru and differentiates files protected through PFP and Virtru's regular Trusted Data Format encryption (.tdf)
Persistent File Protection (PFP) brings several enhancements to attachment chips, icons, and tooltips to guide users through the PFP experience. The image below breaks down the different Attachment Chips & Tooltips.
When supported attachment types have PFP applied, their icon changes to a grey icon with a lock. This differentiation is to help users understand the difference between Virtru encryption and PFP.
Re-shared attachments will have the same attachment chips as PFP files but have reduced transparency to highlight that they are re-shared files.
To ensure a file remains protected no matter where it goes or who shares it, Virtru has introduced the concept of Re-Shared Attachments with Persistent Protection. A file with Persistent Protection becomes a re-shared attachment when someone other than the original owner shares the file. Any user who is not the original file owner is unable to change the Virtru policy on a file that is being shared as are-shared attachments.
Inline Image Support
Image payloads up to 25MB are now supported inline in Virtru emails. This provides users greater flexibility in creating contextual messages in encrypted emails.
Image payloads greater than 25MB are automatically moved to the secure attachments section.
3rd Party Support
While files protected with PFP are only viewable in Secure Reader today, Virtru provides guidance to users attempting to access protected files in 3rd party cloud services like OneDrive, Google Drive, and Dropbox. Users are notified that the file they are attempting to access is a Virtru Secure File and are directed to Secure reader to view.