Persistent File Protection - About
Persistent File Protection (PFP) provides a secure file container that is portable, universally accessible and built on top of open standards. Regardless of where files are stored, PFP allows organizations to select, protect and share a file with anyone and also maintain full visibility into how it is being used and revoke access at anytime.
This is achieved via the new .tdf.html file format. When PFP is toggled on for an email, you will see .tdf.html added to the end of your attachments. Once the file is sent and a recipient downloads and opens the file, it will open a web page with the file displayed in Virtru's Secure Reader. This ensures that no matter where the file goes, it is always protected and only authorized parties can view it.
The rest of this article includes more information about how to use PFP features. Please note that PFP integrates with leading Email Gateway providers and Digital Rights Management solution providers.
Supported File Types
Supported files and attachments for PFP include: .pdf, .docx, .xlsx, .pptx, .jpg, and .png
Persistent File Protection (PFP) is implemented as a security option for attachments in the Virtru for Gmail browser extension. A you can enable PFP for an attachment by toggling the Persistent Protection button in the Gmail compose window. Attachments do not have persistent protection until persistent protection is toggled on.
The .tdf.html File Format
Persistent File Protection introduces a new file format called .tdf.html. When PFP is toggled on for an email, the user will see the .tdf.html file extension added to the end of their supported attachments. The .tdf.html file format ensures that files maintain all protection policy attributes upon download and are only readable through the Virtru Secure Reader.
All downloaded .tdf.html files are only readable through the Secure Reader. This means the recipient(s) will not be able to download and modify the document and are restricted to viewing it in their browser through Virtru's Secure Reader.
Secure Reader Experience
When recipients receive an email with a .tdf.html file, they will need to unlock the message through Virtru's Secure Reader or their Virtru plugin - the same way they would for any other encrypted email. Once through that process, recipients will be able to view the file in Virtru's Secure Reader and have the option to download the file. Once a recipient downloads the file, they will notice the file format ends in .tdf.html.
Any user trying to open the downloaded file will be forced to authenticate in their web browser prior to seeing the secure file in Virtru's Secure Reader. Unauthorized users will not be granted access. This is how Virtru is able to persistently protect the file regardless of where the file is stored.
To learn more about the recipient experience, read our article on [accessing a .tdf.html file.]
Request Access Workflow
The PFP workflow does allow unauthorized users/recipients to request access to a file. If someone requests access to a file you own, you will receive an email notification from Virtru. Access is managed through the Virtru Dashboard. Our [Request Access Workflow article] covers how to approve, deny and manage these requests in your Virtru Dashboard.
Secured Attachment Section, Chips, and Icons
The implementation of Persistent File Protection introduces the Secured Attachments section in Gmail. This section helps users understand that their files are being protected by Virtru and differentiates files protected through PFP and Virtru's regular Trusted Data Format encryption (.tdf)
Persistent File Protection (PFP) brings several enhancements to attachment chips, icons, and tooltips to guide users through the PFP experience. The image below breaks down the different Attachment Chips & Tooltips.
When supported attachment types have PFP applied, their icon changes to a grey icon with a lock. This differentiation is to help users understand the difference between Virtru encryption and PFP. Re-shared attachments will have the same attachment chips as PFP files but have reduced transparency to highlight that they are re-shared files.
If a file has an exclamation point icon, then the filetype is not currently supported for PFP. Hover over the icon to see a pop-up with more information on why the particular file is not supported.
To ensure a file remains protected no matter where it goes or who shares it, Virtru has introduced the concept of Re-Shared Attachments with Persistent Protection. A file with Persistent Protection becomes a re-shared attachment when someone other than the original owner shares the file. Any user who is not the original file owner is unable to change the privacy settings on a file that is being shared as are-shared attachments.
3rd Party Support
While files protected with PFP are only viewable in Secure Reader today, Virtru provides guidance to users attempting to access protected files in 3rd party cloud services like OneDrive, Google Drive, and Dropbox. Users are notified that the file they are attempting to access is a Virtru Secure File and are directed to Secure reader to view.