We as a company evaluate Cryptomator as a possible encryption tool to protect sensitive corporate data.
Our plan is to use Microsoft Sharepoint as data storage and encrypt files stored on it. Furthermore, it is a requirement to work in collaboration, means if possible, we would like to use Microsofts Collaboration and Autosave Feature from Microsoft 365 through the dedicated Office applications and maybe also MS Teams. Can you enlighten me here, what options to integrate with Microsoft 365 with collaboration do you have?
Thank you in advance
Best regards
Lukas
Hi.
Microsoft needs to know your documents in order to provide features like collaboration work. But you are planning to hide all information from Microsoft by using Cryptomator. Also SharePoint is not only a data storage, so all SharePoint features like searching, indexing, teams integration and all other functions that rely on data from within your files, will not work.
Basically, with cryptomator you can use OneDrive for business as storage for the vault. But that’s it. Not letting Microsoft know anything does come with a price
For working in teams, cryptomator offers Cryptomator Hub. This will not solve your needs of fully integrated MS office solutions, but maybe its interesting for you anyways.
Hi Michael
Thank you for your reply. I see, that would basically be fine. How is it with OneDrive Files on Demand? As I know from similar software products, the setting to permanently hold a local copy on the machines where the encryption software ist installed on, is inevitable.
Thank you and with best regards
Lukas
Hi Michael
Do you refer that to the fact that, as soon as I open the Cryptomator vault within the Cryptomator client, that all files belonging to the vault will be downloaded automatically? For my company, it is important, that this features does not mean a risk that files within the could be corrupted due to the fact that the Files-On-Demand feature is enabled.
How is it with the data streams - is there any possibility that any unencrypted data can bypass the Cryptomator vault?
Otherwise, it seems that Cryptomator could be a good option for us.
Thank you in advance & best regards
Lukas
No. (Encrypted) files are only downloaded if needed. Means if you just open your vault, nothing happens with the encrypted files. Only if you open a file in the vault, the corresponding encrypted files are requested by the filesystem and thus downloaded by the onedrive client. Same way as it is with files outside the vault.
That would be a huge security issue and I doubt that.
But I am neither a developer of this app, nor have I reviewed the sourcecode. So I cannot give you guarantees. But if there would be such an issue, I am pretty sure it would have been detected already by the community.
Alright, thank you Michael. So that means, real-time collaboration is not possible and the users should save their changes and close the document before anybody else will edit it?
Thank you and with best regards
Lukas
