HTTPS and two-factor authentication can be used for logon. AVFS file system remains in the DDP separate from the data and is never exposed to desktops. Operators only get to see a representation required for the Folder Volume mounted. AVFS and iSCSI can be physically separated using different network ports and subnets. Also hardware based hard disk encryption can be used when proper hard disks are used. AVFS is ISO 27001 and MPAA compliant. Auditing information is assembled during operation and does not need to be generated afterwards.