Main Features
BestCrypt DataShelter software provides the following functionality:
1. The software allows the user to select any number of folders for protecting their contents from unwanted programs and users.
2. The software can allow all the programs (users) access the protected folder except selected programs or users. The protection can also work in the other direction: the software prevents all the programs (users) from accessing the folder, except the list of selected programs (users) that are allowed to access the folder.
3. The list of rules for allowing or denying access to a folder is formed into a so-called Protection Policy. BestCrypt DataShelter allows creating any number of policies. Any policy can be applied to any number of protected folders.
4. BestCrypt DataShelter is able to monitor communication between processes and provide protection of folders based on the information. The software also detects abnormal activity of processes in the protected folders and can react quickly up to terminating such a process.
5. BestCrypt DataShelter has a residential module that optionally can display an icon in the System Tray for faster running main commands of the software. The module also displays dialog windows to inform the user about important events related to the software activity. For example, if the software detects the abnormal activity in the protected folder of some process. In this case, BestCrypt DataShelter can instantly terminate the process and inform the user about that.
6. BestCrypt DataShelter remembers the history of accessing the protected folder and the history of communication between all the processes in the system, including parent-child relations or the cases when one process opens another process. The program remembers this history when the computer is turned off or the user reboots it. The user can create a policy for a protected folder based on the history.
7. The user can create a policy for the protected folder in several ways:
- manually selecting programs and users
- request BestCrypt DataShelter list all types of the files in the folder and allow only registered programs to access the files
- request BestCrypt DataShelter to create the protection policy based on the history of accessing the folder by the programs
The user can always edit the policy created automatically by the software.
8. As mentioned above, the program remembers the history of running processes. The history includes the hash (or secure checksum) of the executable files. If such a file is modified, in some cases it may mean that it is infected. When BestCrypt DataShelter detects a modification of some executable file and the corresponding program accesses a protected folder, the program notifies the user and temporarily denies access to the folder for the program. Read more about this type of protection in the Quarantine programs article.
9. BestCrypt DataShelter receives information about encrypted disk volumes from another Jetico program: BestCrypt Volume Encryption. Therefore, the user is always informed whether the protected folder is located on an encrypted volume or not. The user can always encrypt the underlying disk volume by the direct call of the corresponding BestCrypt Volume Encryption command simply by clicking the Encrypt button.
10. The program allows the user to create an encrypted and compressed backup archive of the protected folder with Jetico BCArchive software that is embedded into BestCrypt DataShelter. The user can ask the program to automatically and regularly synchronize the contents of the protected folder with the encrypted archive. Besides, the user can create a self-extracted executable with encrypted contents of the folder and extract the folder on any other computer without BestCrypt DataShelter installation.
11. The software creates a log file to document the activity of the processes in the protected folders. Lines in the log file for the normal and critical activity are shown in different colors in the LogView program that is distributed as a part of the BestCrypt DataShelter program. The user can also modify the existing policy using the information from the log file about the process activity in the folder.
See also:
Creating policy based on file types
Creating policy based on folder access history