Auto Encryption
  • 09 May 2024
  • 5 Minutes to read
  • Dark

Auto Encryption

  • Dark

Article summary

Auto Encryption on Onedrive


Auto-Encryption is a feature in OneDrive/SharePoint that provides automatic encryption for files stored within specific folders or SharePoint sites. Once activated by an administrator, this feature not only scans and encrypts all existing and new files in the designated areas but also continuously monitors for any changes to those files. It automatically encrypts any modifications to ensure ongoing data security and privacy.

Pre-requisites for Using Auto-Encryption

Before you begin using the Auto-Encryption feature in OneDrive/SharePoint, there are a few important prerequisites to consider. These guidelines are designed to ensure a smooth and efficient encryption process without impacting your system performance or data management.

  • Administrator Access Required:
    Only administrators have the privilege to activate the Auto-Encryption feature. This ensures that the encryption settings are managed centrally and securely, maintaining control over who can alter sensitive configurations.

  • Storage Considerations for Large Folders:
    If you are planning to encrypt a folder containing more than 100,000 files, it's crucial to check SharePoint storage capacity. Encrypting a large number of files may generate new versions of each file, which could significantly increase your storage usage.

  • Resource Limits and Timing:
    It's recommended to wait for a 24-hour period before activating the auto-encryption process for large folders, particularly new datasets uploaded to SharePoint containing over 100,000 files. This waiting period helps ensure that your SharePoint tenant's resource limits are not exceeded, preventing any potential performance degradation.

  • Special Handling for Very Large Data Sets:
    If your folder exceeds 500,000 files, please contact us before proceeding. This will allow us to allocate the necessary resources and ensure the encryption process does not disrupt your operations.

Understanding the Auto-Encryption Process

When you enable Auto-Encryption for a folder, our system initiates a comprehensive scan of all the files contained within that folder. Each file, regardless of its extension, will be encrypted, and this new encrypted version is then stored as a new version of the file on Sharepoint. It's important to note that the old, unencrypted versions of the files are not removed; however, we are considering adding this capability in a future update. If this is a critical feature for your needs, please contact us to discuss options.

During the encryption process, you can track the progress and view details of the files being scanned through the admin dashboard under the OneDrive section. This feature allows you to ensure that all necessary files are securely encrypted and to verify the ongoing status of the encryption operation.

How to enable auto-encryption on a folder

Step 1: Right-click the folder>Organisation Name >Add to Auto Encryption.


Step 2: A new browser window will open, displaying an action button for enabling and disabling auto-encryption.
Please note: Users need to be logged into Anchor before adding a folder to auto-encryption. If not already logged in, users will be redirected to the login page to initiate the process.

Screenshot 2024-05-09 at 13.05.57.png

How to manage auto-encryption folder

Enabling an Auto-encryption Folder from the Dashboard

Step 1: Login to admin dashboard and select Integrations>Sharepoint> Auto-Encryption

Step 2: Click on the action button on the right side to enable auto-encryption.
Screenshot 2024-05-09 at 13.11.52.png

Step 3: After enabling auto-encryption, a confirmation modal with a success message will pop up.
Screenshot 2024-05-09 at 13.12.57.png

Disabling an Auto-encryption Folder from the Dashboard

Step 1: Login to admin dashboard and select Integrations>Sharepoint> Auto-Encryption

Step 2: Click on the action button on the right side to disable auto-encryption.
Screenshot 2024-05-09 at 13.08.50.png

Step 3: A warning pop-up message will be displayed, indicating the impact of the action, along with options to cancel or proceed with disabling."

Screenshot 2024-05-09 at 13.09.52.png

Step 4: After disabling auto-encryption, a confirmation modal with a success message will pop up.
Screenshot 2024-05-09 at 13.11.06.png

Frequently Asked Questions (FAQ)

How can I encrypt an entire OneDrive drive?
Encrypting an entire OneDrive drive requires specific configurations that our support team can assist you with. Please contact our support team for guidance.

How can I decrypt files?
To decrypt files, please reach out to our support team. They will provide the necessary assistance to ensure your files are decrypted .

What does "Scanning" status mean on the dashboard?
The "Scanning" status indicates that the system is currently processing all existing files in the designated folder, encrypting each one sequentially. This is an initial phase to secure all previously stored data.

What is meant by "Monitoring"?
After all existing files have been encrypted, the dashboard status will change to "Monitoring." This means our system is actively detecting any new changes or additions to the folder and will automatically encrypt any new files introduced.

What happens when I disable auto-encryption?
If you disable auto-encryption, the system will temporarily stop scanning and monitoring for changes in the folder. Encryption will resume from where it was disabled once you re-enable it, ensuring that all files created or modified during the disable, as well as any new files, are encrypted. Disabling the encryption process will not decrypt any files that have already been encrypted.

How long does it take to encrypt my data?
The duration for encrypting data can vary. For instance, encrypting 100,000 files typically takes about 20 hours. However, this timeframe can be influenced by several factors including the size of the files, their age, the number of active auto-encryption folders, and current system traffic.

Why is it taking time for my newly added file to get encrypted?
If there are folders currently in the "Scanning" stage of encryption, the system prioritizes completing their encryption first. Files in folders that are in the "Monitoring" stage will be encrypted subsequently. This prioritization ensures efficient use of resources and maintains the integrity of the encryption process.

For more detailed support, do not hesitate to contact our customer service team.

Known Limitations

To ensure optimal performance and reliability of the Auto-Encryption feature, it's important to be aware of certain limitations currently in place. These are part of our ongoing efforts to enhance the feature while providing secure and efficient service.

File Size Limit
Currently, our system does not encrypt very large files exceeding 300MB. While there is no strict upper limit to the file size that can be encrypted, the success rate for encrypting files larger than 300MB is significantly lower. This limitation is due to the increased complexity and resource requirements associated with processing large files. If you require encryption for files larger than this threshold, please contact our support team for specialized assistance.

File Extension Coverage
At present, the Auto-Encryption feature is designed to encrypt files of all extensions to ensure comprehensive data security across your OneDrive or SharePoint environment. However, if you need to exclude specific file extensions from being encrypted—perhaps due to application compatibility or other operational requirements—our support team can help tailor the encryption settings to better fit your needs.

These limitations are part of our commitment to transparency and service excellence. We continuously work to improve our features and expand their capabilities, aiming to meet the evolving needs of our enterprise clients. If you encounter any challenges or have specific requirements, our support team is ready to assist you.

Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.

Eddy AI, facilitating knowledge discovery through conversational intelligence