Community Server/Control Panel version: 12.1.1194
Type of installation of Workspace (docker, deb/rpm, exe): exe
OS: Windows Server 2016
Browser version: Firefox 109.0 (64-bit)
Hello, I am installing OnlyOffice Workspace in my organization and this was their query regarding the product. I found the sample file Stored in some Program Files (x86)'s inner folder and it is raising the question that if anyone has the access to the server then he/she could view whole organization’s any possible documents. Does the Control Panel’s Encryption have anything to do with avoiding this?
Hello @OnlyOfficeTester
This is correct - if any person gains direct access to the hard drive where portal data is located then he/she will be able to view it. However, I have to admit that all files are stored in anonymized form and it will be hard to differentiate them from each other.
Indeed, the Encrypt data at rest from Storage tab of Control Panel will help you to encrypt your data on disk and prevent any unauthorized user from viewing your data. You can find information on how it works and instruction on how to enable/disable it here:
https://helpcenter.onlyoffice.com/administration/control-panel-encryption.aspx
