The Encrypt data at rest feature provided by the Control Panel allows you to ensure the security of sensitive data on your portal.
Encryption is a reversible conversion of information in order to maintain the confidentiality of the data stored on disk. Thus, even if intruders managed to gain access to the data stored on the hard disk, they will not be able to read it, since it is encrypted.
Encryption is based on a Encrypt-then-MAC type of encryption (AES-256-CBC + HMAC-SHA256) of the entire body of data within the ONLYOFFICE instance and is compliant with AES-256 international data encryption standard. AES-256 encryption type with CipherMode.CBC symmetric algorithm are used for enciphering the data on the portal, while SHA256 hashing function paired with HMAC message authentication code screening verify the integrity and the authenticity of the encrypted data.
This feature is available only for server versions.