I'm coding a web application that will act as a virtual file browser (the files are stored in a database). Users will be able to upload and download files. I just found out that there may be sensitive material in some of the files so they will need to be encrypted. I also just realized that encryption will only protect the files once I have them stored on the server. I don't have much experience with security in terms of transmission so I have a few questions.
For the files to be secure during upload & download, do I need to do something with SSL? Is this something that can be done with just C#? Is there something that needs to be done with the server to enable this? Does anyone have any resources they can point me to regarding this subject?
Thanks!