This article explains Managed File Dates/ Times for various typical Use Cases.
SSProtect protects and manages your data using secured and coordinated execution on both your host computer and with KODiAC Cloud Services. Files are converted from plaintext to ciphertext, moved to the cloud, stored, recalled, emailed, copied, deleted, restored, accessed, modified, and so forth - and every action impacts the date/ time stamp associated with the file.
This article describes SSProtect's impact on managed file dates and times to help you better understand what to expect from associated operations.
File Access Details and General Policy
Windows provides three date/ time attributes for every file:
- Created or Creation Time
- Modified or Last Write Time
- Accessed or Last Access Time
These attributes are impacted when software applications make changes to files. The remainder of this article describes the impact you can expect to encounter for common SSProtect operations.
Protection vs. Conversion vs. Encryption
It is unfair to characterize data protection with the terms Encryption and/ or Decryption, since a great deal of protective capability is derived from the use of other cryptographic measures. For this reason, we use the terms Activate and Release to depict the reality of adding an item to the protective, managing scope of SSProtect.
Data Encryption and Decryption are used to obfuscate content from unauthorized users, providing Data Confidentiality. We most often refer to the acts of Encrypting/ Decrypting as Conversion, preferring the use of a generic reference without (or with minimal) implied meaning.
SSProtect Conversion employs temporary files and other resources to achieve its' goals, managed by configuration policies hidden from view to simplify and/ or eliminate confusion. If you encounter issues using the software, contact our Support team to review.
SSProtect does not change file date/ time information when you Activate Protection. Though this does obviously Encrypt content, replacing a plaintext file with a new ciphertext result, the resulting encrypted/ protected file attributes are updated to retain the original time information associated with the original file.
Securely Accessing Managed Content
When you access managed content, SSProtect obviously provides plaintext to managing applications for you to use. When you save and close the file, the application updates the plaintext target file before SSProtect continues to encrypt and finalize protection.
In this process, SSProtect upon completion assigns date/ time information to the final ciphertext result to match the values last applied when the managing application performs its' final write. This retains as much compatibility as possible with any intent imposed by the managing application (instead of using the date/ time values that may be a second or two later).
As expected, the act of Releasing Protections has no impact to the file's date/ time values, as SSProtect restores the resulting plaintext file's value to those that existed at the beginning of the Release operation.
Restoring with :Recover
When Restoring content from :Recover Archives, resulting files carry the time/ date values associated with the Recovered instance. This most often maintains the Created Date/ Time while adjusting the Modified/ Accessed Date/ Time values.
Managed Files/ Restore Lists
The files enumerated in the Hostlist, Versionlist, and Archivelist display the UTC values of the Modified Date/ Time associated with a file's instance. These same values are reflected in the resulting Modified Date/ Time for Restored content, noted above.
You can of course review :Assess logs to gain insight into dates/ times at which KODiAC Cloud Services acted on managed content, as noted in its' help Topic. Note that this information will most often be slightly different from the results observed on your host computer since each operation utilizes a different clock source at a different time in the Conversion workflow.
Time Zones, Daylight Saving, and Integrity Protection
The Operating System governs date/ time stamp changes for data flowing through a host computer, and individual applications execute operations that have an impact on these results. In some cases, external applications may impose changes to file date/ time values, which can at present impact Integrity Validation.
Note, however, that host-specific time zone and daylight saving adjustments do not (often) impact Integrity Validation because of the way Windows manages this information. This certainty carries over to Remote Profile Deployment, which as a result should not adversely affect Integrity Validation.
If you encounter issues with related dynamics, contact our Support team for assistance.
Masked :xRecovery Encoded Files
Though somewhat secondary, it's worth noting that :xRecovery maintains proper Restored file date/ time integrity even after decrypting to plaintext. For more information, refer to articles in the :xRecovery Section of this site.
You can search this site for more information on various topics, or use this link to submit a specific request. You can also send email directly to firstname.lastname@example.org, and our staff will respond to your needs as soon as possible.
In the meantime, don't forget to check out our primary website and Insights columns for information on current trends, security topics, and how our technologies relate.
This article was updated w/ v9.1.3 of the :Foundation Client