Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

File-System Encryption with Trusted Platform Module

Encryption protects sensitive information stored in private keys, configuration files, logs, and system-generated files on disk drive file systems.

Encryption provides the support to protect sensitive information in the configuration files, logs, and private keys on the file-system of the disk drives. Encryption also prevents unauthorized access to data stored in files on a disk or disk volume.

Encryption also prevents unauthorized access to data stored in files on a disk or disk volume.

File system encryption is supported on devices for bulk encryption of file names, folder names, file contents, and other meta-data that operates on an entire volume. In this method, the data is automatically encrypted when written to disk and decrypted when read from it. The encryption key is enclosed to the Trusted Platform Module (TPM) 2.0 device. The files are accessible immediately after the encryption key is provided. The data stored on the encrypted file system is read using the encryption keys.

Use Feature Explorer to confirm platform and release support for specific features.

Benefits of File-System Encryption

  • Prevents revealing of confidential information from offline attacks.

  • Provides data destruction for secure data erasure by destroying the cryptographic keys.

  • All files are automatically encrypted, by default without any user action.

Related Documentation