Enabling Client-Side Encryption in Cloud Storage Integrator

Client-side encryption is an effective way to protect sensitive data stored in the cloud. The Cloud Storage Integrator toolkit provides components that simplify integration with various cloud storage providers and allow you to quickly add strong client-side encryption with minimal configuration.

Client-side encryption ensures that data remains protected while at rest in the cloud. Even if another entity, or even the storage provider itself, gains access to your data, it will remain encrypted and unusable without the proper credentials.

All components in the Cloud Storage Integrator toolkit support encryption through the EncryptionAlgorithm and EncryptionPassword properties. When a password is specified using EncryptionPassword, the component automatically encrypts data during upload and decrypts it during download. The EncryptionAlgorithm property determines which encryption method is used.

As an example, consider the following code using the Dropbox component:

string dropboxPath = "/My Folder/sensitiveData.zip";
// Uploading
dropbox.LocalFile = "../MySensitiveData.zip";
dropbox.UploadFile(dropboxPath);
// Downloading
dropbox.ResourcePath = dropboxPath;
dropbox.LocalFile = "../MySensitiveData2.zip";
dropbox.DownloadFile();

To enable client-side AES encryption, simply set the encryption properties before calling UploadFile() or DownloadFile():

string dropboxPath = "/My Folder/sensitiveData.zip";
// Set the encryption password to enable client-side encryption/decryption.
dropbox.EncryptionPassword = "encryption password";
dropbox.EncryptionAlgorithm = DropboxEncryptionAlgorithms.eaAES;
// Uploading
dropbox.LocalFile = "../MySensitiveData.zip";
dropbox.UploadFile(dropboxPath);
// Downloading
dropbox.ResourcePath = dropboxPath;
dropbox.LocalFile = "../MySensitiveData2.zip";
dropbox.DownloadFile();