Upcoming Events

Cloud Connect
Santa Clara
Feb 13-16, 2012

Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud computing industry. Learn about the latest cloud technologies and platforms from thought leaders in Cloud Connect’s comprehensive conference.

Register Now!

Stored File Encryption: Boiled Eggs And Scrambled Data

By Philip Carden The shell of an egg protects its contents. But, once that shell is broken, it's all over--unless it's a hard-boiled egg. The emphasis lately has been on building eggshells--firewalls and perimeter security--around your network. Why not also hard boil, or encrypt, stored data?

Encryption and decryption of stored data don't seem like complicated procedures. But you'll be surprised at the breadth of features we encountered in our review of eight desktop encryption applications for Microsoft Windows95. We tested solutions from Aliroo, Data Fellows, EMD Enterprises, Jetico, McAfee, Security Dynamics Technologies, Software Shelf International and Symantec.

To view the Report card.
Although three of the products will suit your needs, each emphasized different features. The big surprise was Jetico's BestCrypt NP for Windows95--a product full of useful innovations, including a distinctive approach to authentication time-outs and on-the-fly encryption--which never requires data to be unencrypted on the disk. Norton Your Eyes Only from Symantec was far ahead in the area of administrative tools. But it was Security Dynamics Technologies' RSA SecurPC that took top honors. It's easy to use and versatile, it runs on multiple platforms, and it is suitable for encrypting e-mail attachments and stored files.

File-Protection Approaches The many aspects to desktop security include virus protection, physical access control, network access control, eavesdropping protection and stored f ile protection. Some products or suites address more than one of th ese areas. Our focus during testing was on the products' ability to provide easy-to-use and administer and versatile protection for information stored on disk.

Not surprisingly, a number of different approaches to processing encrypted stored information exist. For instance, Aliroo and McAfee provide for ad hoc encryption on a file-by-file basis only, while Data Fellows and Security Dynamics allow the encryption of entire folders at once. EMD and Symantec extend the folder concept, defining special folders whose contents are always encrypted when not in use. Lastly, Jetico and Software Shelf store encrypted files in a separate container file, accessible via the encryption application interface (Software Shelf) or via a "virtual drive" that appears like a regular mapped network drive under Windows Explorer (Jetico). Finally, though most of the products decrypt the file on disk, EMD and Jetico offer solutions that perform the encryption and decryption process between disk and memory so that data on disk is a lways encrypted.

Of course, stored files may not be the only files you want to protect. You also may need to guard files in transit, such as e-mail attachments. In many ways, sending e-mail attachments introduces a more complex situation--you're adding recipients who don't have decryption software, bandwidth constraints or perhaps the need to share your password. Protecting e-mail attachments is peripheral to the focus of our article, but because many of the products offer e-mail-oriented features, we included it in our testing.

We tested the relative performance of each product, but found that the actual time to encrypt and decrypt a file is very small (subsecond). Consequently, other ease-of-use considerations, such as right-mouse button support, tend to dominate from a user perspective. We found that the performance differences did not justify separate consideration.

Security Dynamics Technologies RSA Secur PC 1.1
In the company's own words, SecurPC provides "fast, reliable disk and file encryption from the most trusted name in cryptography." We agree. The product is fast, it's predictable, and RSA is certainly one of the best-known names in cryptography; many other manufacturers base their encryption products on licensed RSA technologies. SecurPC also is the most versatile product we tested, suitable both for standalone users and enterprise deployment; and it's equally suitable for protection of stored files or e-mail attachments.