RSS
  Stored File Encryption: Boiled Eggs And Scrambled Data 
By Philip Carden
The shell of an egg protects its contents. But, once that shell is broken, it's all over--unless it's a hard-boiled egg. The emphasis lately has been on building eggshells--firewalls and perimeter security--around your network. Why not also hard boil, or encrypt, stored data?
Encryption and decryption of stored data don't seem like complicated procedures. But you'll be surprised at the breadth of features we encountered in our review of eight desktop encryption applications for Microsoft Windows95. We tested solutions from Aliroo, Data Fellows, EMD Enterprises, Jetico, McAfee, Security Dynamics Technologies, Software Shelf International and Symantec.
File-Protection Approaches The many aspects to desktop security include virus protection, physical access control, network access control, eavesdropping protection and stored f ile protection. Some products or suites address more than one of th ese areas. Our focus during testing was on the products' ability to provide easy-to-use and administer and versatile protection for information stored on disk. Not surprisingly, a number of different approaches to processing encrypted stored information exist. For instance, Aliroo and McAfee provide for ad hoc encryption on a file-by-file basis only, while Data Fellows and Security Dynamics allow the encryption of entire folders at once. EMD and Symantec extend the folder concept, defining special folders whose contents are always encrypted when not in use. Lastly, Jetico and Software Shelf store encrypted files in a separate container file, accessible via the encryption application interface (Software Shelf) or via a "virtual drive" that appears like a regular mapped network drive under Windows Explorer (Jetico). Finally, though most of the products decrypt the file on disk, EMD and Jetico offer solutions that perform the encryption and decryption process between disk and memory so that data on disk is a lways encrypted. Of course, stored files may not be the only files you want to protect. You also may need to guard files in transit, such as e-mail attachments. In many ways, sending e-mail attachments introduces a more complex situation--you're adding recipients who don't have decryption software, bandwidth constraints or perhaps the need to share your password. Protecting e-mail attachments is peripheral to the focus of our article, but because many of the products offer e-mail-oriented features, we included it in our testing. We tested the relative performance of each product, but found that the actual time to encrypt and decrypt a file is very small (subsecond). Consequently, other ease-of-use considerations, such as right-mouse button support, tend to dominate from a user perspective. We found that the performance differences did not justify separate consideration.
Security Dynamics Technologies RSA Secur
PC 1.1
To download an Adobe Acrobat .pdf format version of the Desktop Encryption chart, click here.
|
To view the Report card.
In the company's own words, SecurPC provides "fast, reliable disk and file encryption from the most trusted name in cryptography." We agree. The product is fast, it's predictable, and RSA is certainly one of the best-known names in cryptography; many other manufacturers base their encryption products on licensed RSA technologies. SecurPC also is the most versatile product we tested, suitable both for standalone users and enterprise deployment; and it's equally suitable for protection of stored files or e-mail attachments.
Best of the Web
Data deduplication: Declawing the clones
Data deduplication is emerging as a critically important new arrow in the storage administrator's quiver to answer hard questions about the increasing problem in storage growth costs.
Compression, Encryption, Deduplication, and Replication: Strange Bedfellows
One of the great ironies of storage technology is the inverse relationship between efficiency and security: Adding performance or reducing storage requirements almost always results in reducing the confidentiality, integrity, or availability of a system.
WAN Optimization Whitelists and Blacklists
Optimization is a fantastic way of saving money and creating really happy customers at the same time, but it doesn't work flawlessly for all applications.
WAN Optimization as a Managed Service: It's Not About the Cost
This insight examines how organizations outsourcing their WAN optimization initiatives to a third-party go about achieving their goals for application performance, reducing operational costs, and streamlining enterprise infrastructure.
