This article is useful for those who want to share an electronic file that contains sensitive information. Besides PGP, IS&T does not currently support a third-party product that does file encryption. PGP comes loaded with a tool called PGP Zip. See more information on PGP Zip below.
Note that if you have whole disk encryption on your computer, the files on it are not encrypted, only the drive on which the files reside. So if you send a file to someone via email or other means, the file itself is not encrypted.
File encryption is different from whole disk encryption. It allows you to put a password on a file or a folder. The recipient needs the key (password) to decrypt the contents of the file/folder.
Using cloud storage, such as Dropbox, that has encryption built in, might seem like a good idea. However, most cloud storage companies also hold the decryption keys, meaning they could decrypt your files should they need to. If you do use the cloud, make sure you add encryption to sensitive files in addition to the encryption already in place.
|Not all encryption methods are created equal! Make sure you are using a file encryption tool that encrypts according to DoD (Department of Defense) standards, which is the AES (Advanced Encryption Standard). It supersedes DES (Data Encryption Standard).|
|Safely store the password to decrypt! If you lose your password, you will NOT be able to decrypt the contents of the file(s).|
|Use a strong password! If the password is easy to guess or crack, then the contents it is protecting will not be secure, even if encrypted.|
Below are some of the most common tools that can be used for file or folder encryption. These tools are not endorsed or recommended by IS&T, and IT staff at MIT may not be able to assist you with troubleshooting. For support, contact the vendor.
The following reviews come from Lifehacker.com:
GNU Privacy Guard (Windows/Mac/Linux, Free)
GNU Privacy Guard (GnuPG) is an open-source implementation of the famed Pretty Good Privacy (PGP) encryption tool---you can read the very interesting history of PGP and how GnuPG came to be here. GnuPG is a volume and individual file encryption tool with support for a dozen encryption schemes, paired keys, and expiring signatures. GnuPG doesn't only provide rock-solid local file encryption; it is, thanks to paired encryption and public key servers, a great tool for encrypted communication. Please note, regular old GnuPG is a command line tool. Check out the list of graphical wrappers and application plug-ins for various operating systems here.
Disk Utility (Mac, Free)
Disk Utility is a diverse tool that handles almost any disk-related tasks you'd need on OS X. The utility is capable of creating secure disk images and file volumes encrypted with AES 128-bit or 256-bit encryption. Like most native Mac utilities and applications, Disk Utility and the accompanying encryption blends seamlessly into the OS X experience and makes mounting and un-mounting encrypted volumes a breeze. Instructions by Apple.
7-zip (Windows, Free)
Compared to some of the heavyweights, like GnuPG and TrueCrypt (no longer available!), it might be easy to dismiss the popular file compression tool 7-zip as a lightweight. 7-zip fills a perfect niche for many people, however, by offering simple ZIP container-based encryption. If you're not interested in encrypting a ton of files or maintaining an entire encrypted volume, but you still want to make sure important documents like tax returns or other Social Security bearing documents are locked up tight, 7-zip sports strong AES-256 encryption. Create a new compressed archive, throw your files in it, and slap a password on. Your files are strongly encrypted and stored right alongside your regular documents.
AxCrypt (Windows, Free)
AxCrypt is a free encryption tool for Windows. Once installed it integrates with the Windows shell and offers simple right-click encryption and decryption of files with AES-256 encryption. Your entire interaction with AxCrypt can take place exclusively from the right-click context menu. In addition to integrating with Windows and offering easy encryption and decryption, you can also use the tool to create self-extracting archives to securely transport files or transfer them to a friend---no AxCrypt installation necessary at the other end.
PGP Zip (Windows, Free with PGP Desktop)
If you have PGP Desktop installed on your machine, you can use a tool that comes included with the software, called PGP Zip. Instructions on how to use PGP Zip, supplied by Symantec.