VDcrypt is designed to encrypt virtual disc volumes. Each VDcrypt disc volume appears as an encrypted file-container on the host disc. The amount of created containers is not limited. In a simple case, one container is generated whose size is chosen when initially creating the container. On-the-fly encryption/decryption takes place in the background. Disc volume is disconnected upon work completion and only the encrypted file VDcrypt disc container remains on the host drive.
Working with attached discs is completely transparent and the user does not realize that online encryption/decryption takes place. Everything remains encrypted in the container after disconnecting the drive (encrypted disc volume). It is possible to utilize virtually all of the spare size of the host drive when creating the container. When selecting a smaller container size, e.g. 2 MB, it is possible to transmit it via email and save it to a different host disc and connect it again as a virtual disc volume. The container may also be present on another PC connected to the network and be made available as a file in the shared folder.
A number of containers may be simultaneously connected thus copying encrypted files from one to another is possible. Each encrypted container may have a different encryption key (which is also required for safety reasons). Key management has a number of options that are set in the administration. For the highest level of security, the keys are generated by CSA (Central Security Authority) and are stored in the GNT USB access tokens for two-factor authentication when connecting containers. Up to 500 encryption keys may be stored in one token.