In addition to encrypting messages and attachments, Virtru users have the ability to apply additional security settings to protected content. Among these settings is the option to apply Persistent File Protection (PFP) to an encrypted file.
PFP provides a secure file container that is portable, universally accessible, and built on top of open standards. Regardless of where files are stored, PFP allows you to select, protect, and share a file with anyone while maintaining full visibility into how it is being used and retaining the ability to revoke access at any time. Any file protected with PFP with convert into the .tdf.html file format. This ensures that the contents are only accessible in Virtru's Secure Reader and only authorized parties can view it.
This feature can be applied using our Gmail plugin, Outlook Desktop Extension (Desktop only), or Outlook 365 Add-in (for Web, Desktop, Mobile). It cannot be configured while sending from the mobile apps (iOS or Android) or adjusted in the Control Center. It supports the following common file types:
- Microsoft Office documents: .docx, .pptx, .xlsx
- Common image file formats: .jpeg, .png
- PDF documents
Note that although newer Microsoft office file types are supported, older versions (.doc, .ppt, .xls) are not compatible. Additionally, these other common file types are NOT supported: .msg, .zip, .md.
Manage PFP in Virtru Email Clients
PFP can be set for attachments before an email is sent
1. Open a new draft and toggle Virtru ON.
2. If you are using Virtru for Gmail, iOS, or Android, open the Security Options or Security Settings menu. Security options for the Outlook Desktop Extension are visible in the Message tab while composing a message. Security options for the Outlook 365 Add-in are visible once the Virtru add-in is opened and toggled ON.
3. Select Persistent Protection/PFP from the menu.
4. Compose the rest of your message and Send.
When enabled for an email, PFP will apply to all compatible file types.
PFP can also be managed after an email is sent
1. With Virtru enabled, open the sent secure message. In Gmail and Outlook 365, expand the Security Options menu. In the Outlook Desktop Extension, these settings are visible in the Home tab of the Inbox view or the Message tab of the popped-out message view.
2. Select or deselect the Persistent Protection option.
When recipients receive an email with a .tdf.html file, even if they are a plugin user, they will need to view the file in Virtru's Secure Reader. Once the file is unlocked in the Secure Reader, they will have the option to download the file. If downloaded, the file will remain in the .tdf.html format.
Any time this user or another party tries to open the downloaded .tdf.html file, they will be forced to authenticate in their web browser prior to seeing the secure file in Virtru's Secure Reader. Unauthorized users will not be granted access. This is how Virtru is able to persistently protect the file regardless of where the file is stored.
While files protected with PFP are only viewable in Secure Reader today, Virtru provides guidance to users attempting to access protected files in 3rd party cloud services like OneDrive, Google Drive, and Dropbox. Users are notified that the file they are attempting to access is a Virtru Secure File and are directed to Secure reader to view.
Request Access Workflow
Although Virtru PFP restricts access to only authorized users, new (unauthorized) users are allowed to request access to a file. If someone requests access to a file you own, you will receive an email notification from Virtru. Access is then managed through the Virtru Control Center. Our Request Access Workflow article covers how to approve, deny and manage these requests in your Virtru Control Center.
To ensure a file remains protected no matter where it goes or who shares it, Virtru has introduced the concept of Re-Shared Attachments with Persistent Protection. A file with Persistent Protection becomes a re-shared attachment when someone other than the original owner shares the file. Any user who is not the original file owner is unable to change the privacy settings on the file that is being shared.